IJCSIS Vol. 13 No. 6, June 2015

IJCSIS PUBLICATION 2015

IJCSIS ISSN (online): 1947-5500

Please consider contributing to, and/or forwarding to the appropriate groups, the following opportunity to submit and publish original scientific results.

CALL FOR PAPERS

International Journal of Computer Science and Information Security (IJCSIS)
January-December 2015 Issues

The topics suggested by this issue can be discussed in terms of concepts, surveys, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal, in the following (but not limited to) topic areas. See the authors' guide for manuscript preparation and submission guidelines.

Indexed by Google Scholar, DBLP, CiteSeerX, Directory of Open Access Journals (DOAJ), Bielefeld Academic Search Engine (BASE), SCIRUS, Scopus Database, Cornell University Library, ScientificCommons, ProQuest, EBSCO and more.

For more topics, please see the website https://sites.google.com/site/ijcsis/

For more information, please visit the journal website (https://sites.google.com/site/ijcsis/)

Editorial
Message from the Managing Editor

The International Journal of Computer Science and Information Security (IJCSIS) is a refereed, international publication featuring the latest research findings and industry solutions involving all aspects of computing and security. The editorial board is pleased to present the June 2015 issue. The purpose of this edition is to disseminate experimental and theoretical research from both industry and academia in the broad areas of Computer Science, ICT & Security, and further bring together people who work in the relevant areas. As the editors of this issue, we are glad to see a variety of articles focusing on the major topics of innovation and computer science: computer security, interdisciplinary applications, information technologies, etc. This journal promotes excellent research publications which offer significant contributions to computer science knowledge and which are of high interest to a wide academic/research/practitioner audience.

Over the last five years, we have witnessed significant growth of IJCSIS in several key areas, including the expansion of scope to recruit papers from emerging areas of green & sustainable computing, cloud computing security, forensics, mobile computing and big data analytics. IJCSIS archives all publications in major academic/scientific databases and is indexed by the following international agencies and institutions: Google Scholar, CiteSeerX, Cornell University Library, Ei Compendex, Scopus, DBLP, DOAJ, ProQuest, ArXiv, ResearchGate and EBSCO.

We are indebted to the wonderful team of publication staff members, associate editors, and reviewers for their dedicated service in selecting and publishing extremely high quality papers in IJCSIS. In particular, I would like to thank all associate editors who have answered the frequent calls to process the papers assigned to them in a timely fashion. I would also like to thank the authors for submitting their high quality papers to IJCSIS, and the readers for their continued support of IJCSIS by citing papers published in it. Without their continued and unselfish commitment, IJCSIS would not have achieved its current premier status.

We support researchers to succeed by providing high visibility & impact value, prestige, and an efficient publication process & service. For further questions please do not hesitate to contact us at ijcsiseditor@gmail.com.

1. Paper 31051522: A Variability Modeling Method for Facial Authentication (pp. 1-13)
Obaidul Malek, Center for Biometrics and Biomedical Research, Virginia, USA
Mohammad Matin, Electrical and Computer Engineering, University of Denver, Colorado, USA
Rabita Alamgir, Center for Biometrics and Biomedical Research, Virginia, USA
Laila Alamgir, Howard University, DC

Abstract - Most biometric authentication methods have been developed under the assumption that the extracted features that participate in the authentication process are fixed. But the quality and accessibility of biometric features face challenges due to position orientation, illumination, and facial expression effects. This paper addresses the predominant deficiencies in this regard and systematically investigates a facial authentication system in the variable features domain. In this method, the extracted features are considered to be variable and selected based on their quality and accessibility. Furthermore, Euclidean geometry in 2-D computational vector space is constructed for feature extraction. Afterwards, algebraic shapes of the features are computed and compared. The proposed method is tested on images from two public databases: the Put Face Database and the Indian Face Database. Performance is evaluated based on the Correct Recognition (CRR) and Equal Error (EER) rates. The theoretical foundation of the proposed method along with the experimental results are also presented in this paper. The results obtained in the experiment demonstrate the effectiveness of the proposed method.

Index Terms - CRR, EER, Euclidean geometry, and facial biometric.

2. Paper 31051534: Multi-Channel User Authentication Protocol based on Encrypted Hidden OTP (pp. 14-19)
Ashraf Aboshosha, NCRRT, Atomic Energy Authority, Cairo, Egypt
Kamal A. ElDahshan, Faculty of Science, Al-Azhar University, Cairo, Egypt
Eman K. Elsayed, Faculty of Science (Girls), Al-Azhar University, Cairo, Egypt
Ahmed A. Elngar, Faculty of Science, Al-Azhar University, Cairo, Egypt

Abstract - Remote user authentication is the most fundamental procedure for identifying the legitimate users of a web service on the Internet. In general, the password-based authentication mechanism provides the basic capability to prevent unauthorized access, and many researchers have proposed password-based authentication schemes which rely on a single channel for authentication. However, to achieve better security, it is possible to engage multiple channels for authenticating users. In this paper, we propose an efficient one-time password (OTP) based authentication protocol over a multi-channel architecture. The proposed protocol employs the RC4-EA encryption method to encrypt the plain OTP into a cipher OTP; a Quick Response (QR) code is then used as a data container to hide this cipher OTP. The purpose of the protocol is to integrate a web-based application with mobile-based technology to communicate with the remote user over a multi-channel authentication scheme. The main advantage of the proposed protocol is that it strongly secures the authentication system by preventing eavesdropping on the OTP. Also, by integrating a web-based application with mobile-based technology as a multi-channel scheme, the proposed protocol helps to overcome many challenging attacks such as replay attacks, DoS attacks, man-in-the-middle (MITM) attacks, real-time phishing (RTP) and other malware attacks.

Keywords - Authentication; Multi-Channel Authentication (MCA); Data hiding; Quick Response (QR) code; Encryption.
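The RC4-EA cipher and the QR-code container are specific to the paper above and are not reproduced here. As a hedged, generic illustration of the one-time-password building block such a protocol rests on, the sketch below generates an HMAC-based OTP in the style of RFC 4226 using only Python's standard library; the shared secret shown is the RFC's published test secret, not anything from the paper.

```python
import hmac
import hashlib
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Generate an HMAC-based one-time password (RFC 4226 style)."""
    msg = struct.pack(">Q", counter)                # 8-byte big-endian counter
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation offset
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10**digits).zfill(digits)

# RFC 4226 test secret; in the paper's protocol the OTP would next be
# encrypted (they use RC4-EA) and hidden inside a QR code before delivery.
secret = b"12345678901234567890"
print(hotp(secret, counter=0))  # RFC 4226 test vector: "755224"
```

In a multi-channel scheme the server would deliver the (encrypted, QR-embedded) OTP over one channel and verify the user's response over another, so an eavesdropper on a single channel never sees a usable credential.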

3. Paper 31051543: A framework for future application of RFID technology for school and vocational trainings on Internet of Things (pp. 20-24)
Ahmad Shaker Abdalrada, Faculty of Art, University of Wasit, Wasit, Iraq

Abstract - Radio Frequency Identification (RFID) is a contactless automatic identification technology that uses radio-frequency signals to provide relevant destination information without direct intervention, for example to identify school children across a variety of study surroundings. Because schools and vocational institutes deliver their training through fragmented, unmatched data flows, they cannot adequately meet future study demands. The Internet of Things (IoT) overcomes this traditional structural shortcoming, and its application is of great concern and interest to universities, schools, and the worldwide vocational-training community.

Keywords: RFID Innovation, Internet of Things, Future Application

(pp. 25-33)
(1) Abdullah Rashed and (2) Nancy Alajarmeh
(1) Independent Researcher, (2) Tafila Technical University

Abstract - Human misbehaviors cause security system breaches. One of the reasons behind this fact is neglecting human acceptance; for that reason, new technologies usually face rejection or acceptance issues. The Technology Acceptance Model (TAM) is one of the well-known models used to predict the acceptance of new technologies. Biometrics as an authentication direction is still under development. Relying on biometrics for authentication has some important characteristics: mainly, being faster and easier, because users are not involved with unfamiliar interfaces such as typing a password, signing, or even deliberately exposing some part of the body. This study investigates users' intention to use biometrics as an authentication tool among young Arab people. A survey involving 74 individuals was conducted. The results reveal that perceived ease of use and perceived usefulness are significant drivers of the intention to use biometrics as an authentication tool. In addition, results show that perceived usefulness is the most crucial factor in the decision whether or not to adopt new technologies.

Keywords: Intention to Use, Biometrics Technology, Authentication.

5. Paper 30061412: Novel Usage of Gujarati Tithi in Weather Analysis of Surat, India (pp. 34-37)
D. P. Rana, COED, SVNIT, Surat, India
P. Chaudhari, COED, SVNIT, Surat, India
N. J. Mistry, CED, SVNIT, Surat, India
M. M. Raghuwanshi, COED, RGCER, Nagpur, India

Abstract - The Vikram Samwat Gujarati calendar is a well-known and ancient calendar used by Gujaratis in India, which follows the time period of the successive returns of the moon in conjunction or opposition to the sun in relation to the earth. Data mining techniques retrieve knowledge from data without any prior hypothesis. This research applies computational intelligence to analyze the association of one weather parameter, temperature, with this calendar using temporal association rule mining. The experimental results prove that special associations exist between weather parameters and this calendar, which can provide new insight to researchers in this area and do not require any extra expertise in weather.

Keywords - Temporal association rule mining; weather prediction; Gujarati tithi

Abstract - A large number of software applications are on the market for generating a sketch out of an image; the reverse, however, is largely unexplored, even though such an implementation would prove useful to crime investigation departments. A novel approach for generating an image from a sketch is suggested in this paper, following a process of: breaking down the sketch into constituent facial components; matching or comparing these features with the available database; selecting the best match; registering or pasting these image components onto a blank face image; and applying a filtering algorithm in order to smooth the image.

Index Terms - Feature detection, feature extraction, facial components, filtering algorithms, fiducial points, smoothening image.

7. Paper 31051511: Safeties on the Web Development (pp. 42-48)

Geraldo Cesar Cantelli, Department of I.T. Research, Fatec Ourinhos (Technology College), Ourinhos, São Paulo, Brazil

Abstract - The present work introduces the importance of information security in the current environment of digital culture, especially after the events of September 11, 2001 in the United States. The subject involves not only information-technology-related companies; this concern can be verified in the daily life of companies generally, and therefore in specific government laws. It can be verified in the building of distributed systems (including operating and management systems), in the network infrastructure of companies and organizations, and in web sites. This study analyzes the mechanisms of Internet page servers, because many attacks exploit their vulnerabilities. The programming of web sites (mainly dynamic content) can also be used to circumvent security and enable illegal access. Programmers should note some important features to avoid the predatory action of invaders, because no one can build web sites without taking into account the hosting and the creation of source code intended to reduce the vulnerability of the system to an acceptable minimum. Finally, the work comments on the ten most common types of vulnerabilities to be observed when making web sites according to OWASP (the Open Web Application Security Project), which aims to create awareness about security in programming sites.

Keywords - Security, information, network infrastructure, distributed systems.

8. Paper 31051512: Analysis of Activities and Operations in the Current E-Health Landscape in Tanzania: Focus on Interoperability and Collaboration (pp. 49-54)
Alfred Kajirunga, Computation and Communication Science & Engineering, Nelson Mandela African Institution of Science and Tech, Arusha, Tanzania
Khamisi Kalegele, Computation and Communication Science & Engineering, Nelson Mandela African Institution of Science and Tech, Arusha, Tanzania

Abstract - Although the basic application of Information and Communication Technologies (ICT) in the Tanzanian health care systems started years ago, fragmentation of Information Systems (IS) and limited interoperability remain big challenges. In this paper, we present an analysis of the present health care delivery service, HIS, and some existing eHealth solutions, focusing on interoperability and collaboration. Through interviews, questionnaires, and analysis of e-health implementations in relation to interoperability and collaboration, we have established that the lack of standard procedures to guide the lifecycle of eHealth systems across the health sector, and poor willingness to collaborate among health stakeholders, are key issues which hinder the manifestation of the benefits of ICT use in the health sector of Tanzania. Based on the findings, we provide some recommendations with a view to improving interoperability and collaboration.

Keywords: eHealth; healthcare; eHealth adoption; interoperability.

9. Paper 31051514: A Review on Triangle Based Techniques in Biometric Gait Recognition (pp. 55-59)
Monika Jhapate, Lalitesh Choudhary, Ravi Singh Pippal
Radharaman Engineering College, Bhopal

Abstract - A biometric system is an analysis of the unique biological features of a human being, used for human security and identification. Different conventional biometric (such as face recognition, iris, fingerprint, etc.)

methods are used for security and identification purposes, but they can be captured only through physical contact or at a close distance. Gait, as a behavioral biometric, has attracted more attention recently because it can be captured at a distance without requiring the prior consent of the observed subject. This survey paper covers the current trends and methods of gait-based surveillance systems using triangle methods, and compares them.

Keywords: Biometric, Gait Recognition, Image Processing, Triangle methods, Pattern Recognition.

10. Paper 31051515: Methodology of Assigning Musical Notations to Sanskrit Verse (pp. 60-67)
Pranjali Deshpande, Pune Institute of Computer Technology, Savitribai Phule Pune University, Pune, India
Pravin Game, Pune Institute of Computer Technology, Savitribai Phule Pune University, Pune, India

Abstract - Sanskrit literature is unique in its overwhelmingly poetic character. Subjects like science, engineering, medicine, grammar, and law are mostly written in the form of poetry, which makes them easy to memorize. Sanskrit poetry, composed of Shlokas or verses, is classified in terms of a unique meter, or Vrutta. A Vrutta is the unique pattern formed by the categorization of letters as long and short syllables. Based on rule-based Vrutta identification in the verse, rhythmic chanting of the Shloka is facilitated. This paper discusses a method for identifying the Vrutta in a Sanskrit Shloka and suggests musical notations, based on the identified Vrutta, for singing the Shloka. The designed system, Sangit Vrutta Darshika, can be used as a guide to learn the construction of Sanskrit verse. It also facilitates the systematic singing of Sanskrit Shloka, which has applications in areas like music therapy.

Keywords - Grammar, Long syllable, Meter, Metrical classification, Short syllable, Natural Language Processing, Sanskrit, Shloka, Vrutta.
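The rule-based Vrutta identification the abstract describes can be sketched roughly as follows. This is a hedged illustration, not the paper's system: the standard gana table (3-syllable groups of guru/laghu syllables) is real Sanskrit prosody, but the meter inventory below holds a single entry (Indravajra = ta ta ja ga ga) where a full system would enumerate many meters and derive the G/L pattern from the verse text itself.

```python
# 'G' = guru (long) syllable, 'L' = laghu (short) syllable.
# Standard gana table from the mnemonic "ya-maa-taa-raa-ja-bhaa-na-sa".
GANAS = {"LGG": "ya", "GGG": "ma", "GGL": "ta", "GLG": "ra",
         "LGL": "ja", "GLL": "bha", "LLL": "na", "LLG": "sa"}

# Toy meter table with one real entry; a full system would list many Vruttas.
METERS = {("ta", "ta", "ja", "G", "G"): "Indravajra"}

def decompose(pattern: str):
    """Split a G/L pattern into gana names plus leftover single syllables."""
    cut = len(pattern) - len(pattern) % 3
    units = [GANAS[pattern[i:i + 3]] for i in range(0, cut, 3)]
    return tuple(units) + tuple(pattern[cut:])

def identify_vrutta(pattern: str) -> str:
    """Look up the gana decomposition in the meter table."""
    return METERS.get(decompose(pattern), "unknown")

print(identify_vrutta("GGLGGLLGLGG"))  # Indravajra
```

Once the Vrutta is known, the system described in the abstract could map it to a stored set of musical notations for chanting.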

is split into parts based on the image size. Each part is encrypted separately using a matrix transpose; the actual encryption operates on the picture elements (pixels) that make up the image. After encrypting each part of the image, the positions of the encrypted parts are swapped before transmission of the image takes place. Swapping the positions of the parts is carried out to make the encrypted image more difficult for any cryptanalyst to decrypt.

Keywords - Image Encryption; Matrices; Pixel; Matrix Transpose
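The split/transpose/swap scheme sketched in the abstract can be illustrated roughly as below. The two-part horizontal split, the fixed swap of the two halves, and the even row count are assumptions for the sketch; the paper's exact partitioning is not given here. Note also that a plain transpose only permutes pixel positions, so this is obfuscation rather than cryptographically strong encryption.

```python
# Hedged sketch of transpose-and-swap image scrambling on a 2-D pixel list.
def transpose(block):
    """Matrix transpose of a 2-D list of pixel values."""
    return [list(row) for row in zip(*block)]

def encrypt(image):
    """Split into top/bottom halves, transpose each part, then swap them."""
    mid = len(image) // 2                      # assumes an even row count
    top, bottom = image[:mid], image[mid:]
    return transpose(bottom) + transpose(top)  # encrypted parts, positions swapped

def decrypt(cipher):
    """Invert the swap and the transposes."""
    mid = len(cipher) // 2
    enc_bottom, enc_top = cipher[:mid], cipher[mid:]
    return transpose(enc_top) + transpose(enc_bottom)

# 4x4 grayscale toy image.
image = [[1, 2, 3, 4], [5, 6, 7, 8], [9, 10, 11, 12], [13, 14, 15, 16]]
assert decrypt(encrypt(image)) == image   # round-trip recovers the original
```

Because transposition is self-inverting, decryption only needs to undo the swap and re-transpose each part.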

13. Paper 31051527: Using Handheld Mobile System to Address Illiteracy (pp. 77-84)
M. Samir Abou El-Seoud, Faculty of Informatics and Computer Science, The British University in Egypt (BUE), Cairo, Egypt
Amal Dandashi, Dept. of Computer Science and Engineering, Qatar University, Doha, Qatar
Jihad Al Jaam, Dept. of Computer Science and Engineering, Qatar University, Doha, Qatar
AbdelGhani Karkar, Dept. of Computer Science and Engineering, Qatar University, Doha, Qatar
Islam Taj-Eddin, Academic Researcher and Computer Science Specialist, Cairo, Egypt

Abstract - Handheld device systems have been used as tools for teaching people with special needs, owing to cognitive-function enhancement through the use of multimedia, attractive graphics, and user-friendly navigation. Can a handheld device system, such as a cellular phone, be used for teaching illiterate people? This paper explores and exploits the possibility of developing an educational mobile system to help illiterate people in Egypt.

Index Terms - Graphical User Interface; Audio; Graphics; Video; Wireless; Mobile System; Arabic alphabet; Arabic-speaking illiterate people; illiteracy.

14. Paper 31051538: A Road Map of Urdu Layout and Recognizing its Handwritten Digits, Table of Contents and Multi-font Numerals from Scanned and Handwritten Text Images Using Different Techniques (pp. 85-91)
Eliza Batool, Hafiza Onsa Mustafa, Maryam Fatima, Aliya Ashraf Khan
Department of Software Engineering, Fatima Jinnah Women University, The Mall, Rawalpindi

Abstract - A friendly interface is necessary to make a system more efficient and effective. The development of Urdu recognition is a key element of research, as it provides an efficient and natural way of input to the computer. This paper presents a framework based on Urdu layout and the recognition of handwritten digits and text images using different techniques.
After the survey of Urdu documents, the following conclusion is made regarding the data sets, techniques, and algorithms: the most widely used technique is the HMM, and the data sets involve training sets containing different image styles and sizes as well as handwritten text.

Keywords: HMM, Urdu documents, Rule based Approach

15. Paper 31051540: Hybrid Genetic Based Multi Dimensional Host Load Aware Algorithm for Scheduling and Optimization of Virtual Machines (pp. 92-102)
Mr. T. Thiruvenkadam, Asst. Professor, Department of Computer Science, K.S.Rangasamy College of Arts and Science, Tiruchengode, Tamilnadu, India
Dr. V. Karthikeyani, Asst. Professor, Department of Computer Science, Thiruvalluvar Govt. Arts College, Rasipuram, Tamilnadu, India

Abstract - Mapping virtual machines to a cluster of physical machines is called VM placement. Placing a VM in the appropriate host is necessary to ensure effective resource utilization and to minimize datacenter cost as well as power. Here we present an efficient hybrid genetic, host-load-aware algorithm for the scheduling and optimization of virtual machines in a cluster of physical hosts. We developed the algorithm based on two different methods: first, initial VM packing is done by checking the load of the physical host and the user constraints of the VMs; second, optimization of the placed VMs is done using a hybrid genetic algorithm based on a fitness function. Our simulation results show that the proposed algorithm outperforms existing methods and enhances the rate of resource utilization by accommodating a larger number of virtual machines in a physical host.
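The first phase the abstract describes (pack each VM onto a host after checking host load) can be sketched as below. The first-fit policy, the single CPU dimension, and the 0.8 load threshold are assumptions made for illustration; the paper's multi-dimensional packing rules and the genetic optimization phase are not reproduced here.

```python
# Hedged sketch of load-aware first-fit VM placement.
from dataclasses import dataclass, field

@dataclass
class Host:
    capacity: float            # total CPU capacity
    used: float = 0.0          # CPU already committed to VMs
    vms: list = field(default_factory=list)

def place(vms, hosts, max_load=0.8):
    """Assign each (vm_id, cpu_demand) to the first host staying under max_load."""
    for vm_id, demand in vms:
        for host in hosts:
            if (host.used + demand) / host.capacity <= max_load:
                host.used += demand
                host.vms.append(vm_id)
                break
        else:
            raise RuntimeError(f"no host can accommodate VM {vm_id}")
    return hosts

hosts = place([("vm1", 2.0), ("vm2", 3.0), ("vm3", 2.5)],
              [Host(capacity=8.0), Host(capacity=8.0)])
print([h.vms for h in hosts])  # [['vm1', 'vm2'], ['vm3']]
```

A genetic optimization phase, as in the paper, would then treat such an initial assignment as a chromosome and evolve it against a fitness function (e.g., utilization and power).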

16. Paper 31031501: Biometric Bank Account Verification System in Nigeria: Challenges and Opportunities (pp. 103-117)
Omogbhemhe Izah Mike, Department of Computer Science, Ambrose Alli University, Ekpoma, Edo State, Nigeria
Ibrahim Bayo Momodu, Department of Computer Science, Ambrose Alli University, Ekpoma, Edo State, Nigeria

Abstract - Due to the need for strong security for customer financial information in the banking sector, the sector has started introducing biometric fingerprint measures to provide security for banking systems and software. In this paper, we carefully explain the methodology of using this technology in the banking sector for customer verification and authentication. The challenges and opportunities associated with this technology are also discussed.

Keywords: Security, Biometric, Fingerprint, Bank

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

I. Introduction

The rapid evolution of information technology has caused the traditional token-based authentication and security management system to no longer be sophisticated enough to handle the challenges of the 21st century. As a result, biometrics has emerged as the most reasonable, efficient, and ultimate solution to authenticate the legitimacy of an individual [1-3]. Biometrics is an automated method of authenticating an individual based on their measurable physiological and behavioural characteristics. The common biometric traits in this characterization process are fingerprint, face, iris, hand geometry, gait, voice, signature, and keystrokes [1], [2]. Fingerprint, face, and iris traits are widely used in the field of biometric technology. Government and law enforcement organizations, including military, civil aviation, and secret service, often need to track and authenticate dynamic targets under surveillance. Organizations are also required to ensure that an individual in a room or crowd is the same person who had entered it.

As a result, a step in the direction of facial biometrics is regarded as a conclusive solution in this area. This technology makes it possible to facilitate the extraction of unique and undeniable physiological and behavioural characteristics without the target's (subject's) intrusion or knowledge [1-4]. Many different methodologies have been studied for biometric authentication systems, including shape of the facial features, skin color, and appearance. Among them, the feature-based method is the most efficient due to its measurability, universality, uniqueness, and accuracy. This approach is becoming the foundation of an extensive array of highly secure identification and personal verification solutions. The most commonly used facial features are the nose, eyes, lips, chin, eyebrows, and ears [5]. The system's performance and robustness are largely dependent on the feature localization and extraction process. This process can be defined as the selection of the relevant and useful information that uniquely identifies a subject of interest. The overall processing of the system must also be computationally efficient. However, the human face is a dynamic object with a high degree of variability in its position orientation and expression. Noncooperative behaviour of the user and environmental factors, including illumination effects, also play an unfavourable role in the facial feature extraction process. These effects contaminate the extracted features. Consequently, accessibility to the same biometric features with the expected quality is obstructed because of these unavoidable challenges. Therefore, a vital issue in facial biometrics is the development of an efficient algorithm for biometric authentication that overcomes the aforementioned challenges [1-7].

This paper addresses the predominant deficiency of facial biometrics. Afterward, it systematically investigates facial biometric systems under the assumption that facial geometry is influenced by position orientation, facial expression, and illumination effects. This method addresses the two challenging issues of facial biometrics: quality and accessibility. In the proposed method, a new facial authentication algorithm is developed to address these issues. Furthermore, in this method, feature selection, extraction, and authentication systems have been processed in 2-D geometrical space. Each candidate facial feature is considered to be a collection of geometrical coordinates in the Euclidean domain. The Euclidean distance between the candidate feature coordinates is estimated and stored as a vector to create the biometric template. It is then compared to the stored template to authenticate the legitimacy of the subject of interest.

The motivation of this method is its ability to select biometric features based on their quality and accessibility, then extract them to create the biometric template. Importantly, the variabilities of feature selection and extraction are processed without sacrificing efficiency in terms of computing time and memory usage. For the experimental evaluation of the proposed method, facial images are used from two public databases: the Put Face Database and the Indian Face Database. The performance of the proposed method is evaluated based on Correct Recognition (CRR), False Acceptance (FAR), and False Rejection (FRR) rates. An Equal Error Rate (EER) of 3.49% and a CRR of 90.68% have been achieved by the proposed method. The experimental results demonstrate the superiority of the proposed method in comparison to its counterparts.

The remainder of the paper is organized as follows: Section II presents the literature review related to the proposed method; the theoretical background is presented in Section III; Section IV presents the detailed analysis and algorithmic formulation of the proposed variability method; the results and analysis are presented in Section V; and discussions and conclusions are included in Section VI.
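The template construction and matching described in this section (pairwise Euclidean distances between 2-D feature coordinates, stored as a vector and compared against an enrolled template) can be sketched roughly as follows. The landmark coordinates, the pairwise-distance template layout, and the decision threshold below are illustrative assumptions, not the paper's exact algorithm.

```python
import math
from itertools import combinations

def make_template(landmarks):
    """Template = vector of pairwise Euclidean distances between 2-D features."""
    return [math.dist(p, q) for p, q in combinations(landmarks, 2)]

def match(template, stored, threshold=5.0):
    """Accept if the Euclidean distance between the two template vectors is small."""
    return math.dist(template, stored) <= threshold

# Hypothetical landmarks: two eyes, nose tip, two lip corners (x, y in pixels).
enrolled = make_template([(30, 40), (70, 40), (50, 60), (38, 80), (62, 80)])
probe    = make_template([(31, 40), (69, 41), (50, 61), (38, 79), (62, 80)])
print(match(probe, enrolled))  # True for this near-identical probe
```

Using inter-feature distances rather than raw coordinates makes the template invariant to translation, which is one reason distance-based encodings are common in geometric face matching.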

approach, the author used PCA for dimension reduction,

while LDA was used to improve the discriminant abilityof the PCA system. The main challenge with this methodis that it is inadequate to deal with the combined effects ofposition orientation, facial expression, and illumination. E.Vezzetti et al. [11] presented a geometric approach to showthe intra-class similarity and extra-class variation betweendifferent faces. This was an interesting study; however, itsmain objective was to formalize some facial geometricalnotations, which can be used to analyze the behaviourof faces, hence the authentication system. B. Hwang [12]et al. constructed a facial database with different positionorientations, facial expressions, and illuminations. Here theauthors used PCA (Principal Component Analysis), Correlation Matching (CM), and Local Feature Analysis (LFA)algorithms to evaluate the performance and limitations ofthe facial authentication systems. However, they did notconsider the variability in their feature selection method.F. Sayeed et al. [13] presented a facial authentication usingthe segmental Euclidean distance method. They used avariant of the AdaBoost algorithm for feature selectionand trained the classifier to enhance the performance ofthe facial detection process. Afterwards, each face wassegmented into nose, chin, eyes, mouth, and foreheadas a separate image; then the Eigenface, discrete cosinetransform, and fuzzy features of each segmented imagewere estimated. Finally, segmental Euclidean distance andSupport Vector Machine (SVM) classifiers were used in theauthentication process. Variability due to different facialposes has been considered in this method, however, itis inadequate to address the issues associated with thecombined effects of facial expression and illumination.

II. Literature Review

The effects of position orientation, facial expression, andillumination on facial features are the vital issues of biometric authentication. Several studies have been conductedto address these issues. S. Du et al. [8] presented a reviewof facial authentication methods and their associated challenges based on pose variations. Their methodologies werebased on invariant features extraction in the multi-viewedand 3D range domain under different pose variations.However, the authors inadequately addressed the issue ofvariability due to the combined effects of facial orientation,expression, and illumination. One study conducted by theNational Science and Technology Council [9] proposeda Linear Discriminant Analysis (LDA) method for facialauthentication. The author used LDA to maximize the interclass and minimize the intra-class variations, since PCAperformance deteriorates if a full frontal face cant be presented. Unfortunately, this model was designed for linearand homogeneous systems and faces challenges workingwith the underlying assumptions if there are an inadequatenumber of data samples in the received dataset. L. Chan etal. [10] proposed a linear facial biometric authenticationsystem using PCA in conjunction with LDA. In that

J. Li et al. [14] proposed a facial authentication system using adaptive image Euclidean distance. In thisadaptive method, both spatial and gray level informationwere used to establish the relationship between pixels.Furthermore, two gray levelsnamely, distance and cosine dissimilaritywere considered between pixels. Theauthors claimed that their proposed method achieved apromising authentication accuracy using adaptive imageEuclidean distance in conjunction with PCA and SVM.But, the authors did not adequately discuss the challengesencountered due to position orientation, facial expression,and illumination effects that need to be overcome withoutsacrificing efficiency and processing time. J. Kalita et al.[15] proposed an eigenvector features extraction methodin conjunction with the estimation of minimum Euclideandistance method to authenticate the facial image. This isa very interesting and straightforward approach and theauthors considered the challenges associated with facialexpression. More importantly, this method would be ableto detect the resultant facial expression of the input image.Unfortunately, the combined effects of expression, orientation, and illumination were not sufficiently addressedin this method. C. Pornpanomchai et al. [16] proposed2

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

a human face authentication method using the Euclidean distance estimation process along with a neural network. In this method, a Correct Recognition Rate (CRR) of 96% was achieved at a cost of 3.304 sec (per image) processing time. However, this method also did not address possible contamination from facial expression, orientation, and illumination effects. H. Lu et al. [17] presented a new PCA algorithm in an uncorrelated multilinear PCA domain using unsupervised subspace learning of tensorial data. This system offered a methodology to maximize the extraction of uncorrelated multilinear biometric characteristics. However, it is an iterative process and is not sophisticated enough to deal with the combined effects of position orientation, facial expression, and illumination without compromising computational complexity. The challenges associated with accessing the same biometric features were also not properly addressed in that method. A Bayesian estimation study was conducted by M. Nounou et al. [18], addressing the problems associated with the MLE and PCA algorithms. Unfortunately, this method was developed under the assumption that the system is not vulnerable to the combined effects of illumination, expression, and position orientation. J. Suo et al. [19] developed a gender transformation algorithm based on a hierarchical fusion strategy. In that approach the authors used a stochastic graphical model to transform the attributes of a high-resolution facial image into an image of the opposite gender with the same age and race. The main objective is to modify gender attributes while retaining facial identity. This is an interesting model; however, the authors did not consider the challenges of accessing the same biometric features, due to the associated heterogeneous nature. L. Lin et al. [20] proposed a hierarchical regenerative model using an And-Or Graph stochastic graph grammar methodology. In that model, a probabilistic bottom-up formulation was used for object detection, and a recursive top-down algorithm was used in the verification and searching process. Here, objects with larger intra-variance were broken into their constituent parts, and linking between the parts was modeled by the stochastic graph grammar technique. The authors also addressed the localization challenges due to the background clutter effect. However, the proposed verification process was developed in a homogeneous and controlled environment, and the authors inadequately presented the challenges associated with the accession and extraction of the same features.

Therefore, in most cases, the biometric features used in the authentication process are fixed. Consideration of variability during the feature selection and extraction process is necessary, since accessibility of the same biometric features may be difficult due to facial expression, position orientation, and illumination effects. In this paper, a new biometric authentication method is presented that addresses these effects and their impacts on accessibility and quality. Variability is considered in this process to overcome the accessibility issue. The Sequential Subspace Estimation (SSE) method studied in [21] has been used to ensure the quality of the extracted features. Furthermore, Euclidean geometry in 2-D computational vector space is constructed for biometric feature extraction [22]. Afterwards, the algebraic shape of the facial area, as well as the relative positions and sizes of the eyes, nose, and lips, are estimated in order to encode and create the biometric templates. This encoded template is then stored in the biometrics database to be compared with the live input encoded biometrics in Euclidean vector space.

III. Theoretical Background

Unlike other facial authentication methods, the proposed method is developed in the Euclidean domain under the assumption that the quality and accessibility of the extracted biometrics face challenges due to position orientation, facial expression, and illumination effects. Therefore, this section presents a theoretical background before getting into a detailed analysis of the proposed method.

A. Euclidean Vector

The Euclidean vector measurement is a widely used method for representing points in geometrical space. In this case, both a vector and a point (scalar quantity) in n-D space can be represented by a collection of n values, but the difference between a vector and a point lies in the way the geometrical coordinates are interpreted. A point might be considered a scalar way of visualizing a vector. The transformation between a vector and a point in the 2-D geometrical coordinate system is shown in Fig. 1(a). A Euclidean vector can be represented by a line segment with a definite magnitude and direction. The algebraic manipulation process of the Euclidean vector in 2-D geometrical space is shown in Fig. 1(b). In fact, all points in the Cartesian coordinate system can be defined in Euclidean vector space, where a geometrical quantity is expressed as tuples splitting the entire quantity into its orthogonal-axis components. These points are scalar quantities that can also be used to estimate the algebraic relationship among the objects (images).

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

The Put Face Database contains approximately 20 images per person, with a total of 200 people, and stores 2048x1536-pixel images [30]. The main motivation for using the Put Face Database is that the diversity of the image subsets allows them to be easily used for the training, testing, and cross-validation processes. This is possible because the images in this database cover more than 20 orientations per individual under various lightings, backgrounds, and facial expressions. In addition, this database contains 2193 landmarked images [31]. A sample of the facial images from the Put Face Database is shown in Fig. 3.

On the other hand, images in the Indian Face Database are less influenced by facial expression, position orientation, and illumination effects. There are 40 subjects, each having 11 images with the same homogeneous background. The size of each image is 640x480, with 256 gray levels per pixel. The main reason for using two types of databases is to find out the combined effects of two different environments. As well, it is important to show that the proposed method is the optimal solution not only for images highly influenced by the underlying challenges, but also for images that are less obstructed by them. A sample of the facial images from the Indian Face Database is given in Fig. 4.
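The size normalization implied by Table I (reducing both databases to a 256x256 grayscale working format) can be sketched as follows. This is a minimal illustration only: the helper names and the BT.601 luma weights are assumptions, not the authors' actual preprocessing code.

```python
# Illustrative preprocessing sketch: RGB -> grayscale, then nearest-neighbor
# resizing to the 256x256 working size listed in Table I. The helper names
# and the BT.601 luma weights are assumptions, not the authors' exact code.

def to_gray(rgb_image):
    """Convert an RGB image (rows of (r, g, b) tuples) to integer gray levels."""
    return [[int(0.299 * r + 0.587 * g + 0.114 * b) for (r, g, b) in row]
            for row in rgb_image]

def resize_nearest(gray_image, out_h, out_w):
    """Nearest-neighbor resize of a 2-D gray image to out_h x out_w."""
    in_h, in_w = len(gray_image), len(gray_image[0])
    return [[gray_image[i * in_h // out_h][j * in_w // out_w]
             for j in range(out_w)]
            for i in range(out_h)]

# A tiny 4x4 synthetic "color image" standing in for a 2048x1536 input;
# in practice out_h = out_w = 256.
img = [[(255, 0, 0)] * 4 for _ in range(4)]
small = resize_nearest(to_gray(img), 2, 2)
print(len(small), len(small[0]), small[0][0])  # 2 2 76
```

A production pipeline would normally use an imaging library with area-averaging interpolation instead of nearest-neighbor sampling, but the shape bookkeeping is the same.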

properties can be presented as follows [23],[24]:

The distance:

d(u, v) = ||v - u|| = sqrt( sum_{i=1}^{n} (v_i - u_i)^2 )
        = sqrt( (v_1 - u_1)^2 + (v_2 - u_2)^2 + (v_3 - u_3)^2 + ... + (v_n - u_n)^2 )

The magnitude:

||u|| = sqrt( u . u ) = sqrt( p_1^2 + p_2^2 + p_3^2 + ... + p_n^2 )

The scalar multiple:

||k u|| = |k| ||u||

where k is a scalar quantity.

The geometrical representation of u and v in R^n is shown in Fig. 1. In the proposed method, using the same analogy, a Euclidean vector in 2-D geometrical space is constructed for the feature extraction, estimation, and authentication process. In particular, each assigned point of the candidate's biometric features is considered to be a 2-D geometrical coordinate in the Euclidean vector space [22]. This feature extraction, estimation, and authentication process is presented in Section IV-B.
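The distance and magnitude definitions above translate directly into code. The sketch below treats each biometric feature as a flat vector of coordinates; the feature values are invented placeholders, not landmarks from the paper's templates.

```python
import math

# Sketch of the Euclidean measures from Section III-A:
#   d(u, v) = ||v - u||  and  ||u|| = sqrt(u . u).
# Feature vectors are illustrative placeholders.

def distance(u, v):
    """Euclidean distance between two equal-length feature vectors."""
    return math.sqrt(sum((vi - ui) ** 2 for ui, vi in zip(u, v)))

def magnitude(u):
    """Euclidean norm ||u||."""
    return math.sqrt(sum(pi * pi for pi in u))

# Two toy feature vectors, e.g. flattened (x, y) landmark coordinates.
u = [1.0, 2.0, 3.0]
v = [4.0, 6.0, 3.0]
print(distance(u, v))         # 5.0
print(magnitude([3.0, 4.0]))  # 5.0
```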

TABLE I: The Details of Two Databases

Databases     | Original Image Size (Pixels) | Modified
--------------|------------------------------|----------------
Put Face      | 2048x1536 (color)            | 256x256 (gray)
Indian Face   | 640x480 (gray)               | 256x256 (gray)

B. Facial Anatomy

Facial authentication is an everyday task, as humans can identify faces without extra effort. Typically, the face has inherent characteristics with distinguishable landmarks, different peaks, and approximately 80 nodal points [25]. Building an automated system to authenticate an individual using facial geometry can be done by extracting facial biometric features, including the size or shape of the eyes, lips, nose, cheekbones, and jaw, as well as their relative distances (or positions) and orientation. Authentication typically uses an algorithm that compares the input data with the biometrics stored in the database. The authentication process based on facial features is fast and accurate under favorable constraints, and as a result this technology is evolving rapidly. Unlike biometric authentication using other traits, authentication using facial biometrics can be done easily in public or in noncooperative environments; in this case, the subject's awareness is not required. A typical facial biometric pattern in 2-D geometrical space is shown in Fig. 2 [26],[27].

IV. Variability Modeling Method

The studies of many facial biometric authentication methods have been based on the geometrical feature extraction and selection process. As previously mentioned, most of those algorithms have been developed under the assumption that the extracted candidate features for the authentication process are fixed. However, there are challenges in accessing the same facial geometric features, caused by effects due to facial orientation in the time domain. In addition, even if the facial features are accessible, their quality is contaminated by expression and illumination, due to the dynamic properties of the human face and environmental factors, respectively. Some studies have also been conducted based on variabilities in the feature extraction and selection process, but those methods did not consider the combined effects of facial expression, orientation, and illumination. As well, in most cases, these variabilities were introduced at the cost of processing time, storage, and memory. The proposed authentication method is developed under the assumption that the extracted facial biometrics are vulnerable to position orientation, facial

Face Databases

In this method, facial images from two public databases, the Put Face Database and the Indian Face Database, are used [29],[30]. The sizes of the two databases are presented in Table I. The Put Face Database is a highly nonlinear and heterogeneous 3-D facial database.

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

Fig. 1: Euclidean Vector in 2-D Geometry.

Fig. 2: Features in 2-D Geometrical Space [26],[27].

Fig. 3: Sample Facial Images - Put Face Database.

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

Fig. 4: Sample Facial Images - Indian Face Database.

expression, and illumination effects. More importantly, it is considered that these effects could compromise the quality and accessibility of the desired features. Therefore, the proposed variability method is the compilation of two challenging issues: quality feature extraction (i.e., desired features) and variability of the authentication process (i.e., feature selection and its desired estimate).

and these derived components can be written as [32],[33]:

z = w^T x

Therefore, using Eq. (1):

z = w^T s + w^T n          (2)

where w represents the weight vectors which map to each row vector of x, z is considered to be the inherited data with the maximum possible variance from the x dataset, and each of the weight vectors w is constrained to be a unit vector [34].

The MSE between the desired features and the processor output can be defined as follows [21],[23]:

A. Quality Feature Extraction

The challenges associated with position orientation, facial expression, and illumination effects are the vital issues for the exploitation of facial biometrics. These effects obstruct the accessibility and deteriorate the quality of the biometric features. The Sequential Subspace Estimator (SSE) method studied in [21],[23] addressed the challenge of finding quality facial biometrics that are contaminated by these effects. In that method, a recursive sequential estimator algorithm is developed in the image subspace. The system performs a sequential recursive filtering process in order to ensure that the biometrics are of good quality. The SSE approach is based on the minimization of noise and the maximization of information contained in the received data, in the MSE sense.

Now, consider that the facial images have been received as vectors of a matrix x. Each row and column of the received dataset x represents an observation and a particular type of datum, respectively. If the received dataset is contaminated by noise, then the received images can be written as:

x = s + n          (1)

e(t) = d(t) - y(t)                          (3)

min_{||w_c|| = 1} MSE = E[ |e(t)|^2 ]       (4)
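Numerically, the error and MSE of Eqs. (3) and (4) under the unit-norm weight constraint can be sketched as follows. All signal values here are synthetic placeholders; this is the bare objective only, not the SSE algorithm of [21],[23].

```python
import math

# Numeric sketch of Eqs. (3)-(4): e(t) = d(t) - y(t) and MSE = E[|e(t)|^2],
# with the weight vector held at unit norm as the constraint ||w_c|| = 1
# requires. All data values are synthetic placeholders.

def unit(w):
    """Rescale w to unit Euclidean norm."""
    norm = math.sqrt(sum(x * x for x in w))
    return [x / norm for x in w]

def mse(desired, output):
    """Empirical mean squared error between desired and produced signals."""
    errors = [d - y for d, y in zip(desired, output)]
    return sum(e * e for e in errors) / len(errors)

w = unit([3.0, 4.0])                      # [0.6, 0.8], so ||w|| = 1
observations = [[1.0, 0.0], [0.0, 1.0]]   # rows of the received dataset x
y = [sum(wi * xi for wi, xi in zip(w, row)) for row in observations]  # y = w^T x
d = [0.5, 0.9]                            # desired responses d(t)
print(round(mse(d, y), 4))  # 0.01
```

Minimizing this quantity over all unit-norm w is what yields the MMSE estimate discussed next.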

The main objective is to determine the minimum value of the Mean Squared Error (MSE), i.e., the Minimum Mean Squared Error (MMSE). With this, one would be able to decode the desired biometric features from the underlying noise environment and maximize the mutual information. The detailed analysis and formulation of the SSE algorithms has been studied in [21],[23].

B. Variability Method in Authentication Process

The consideration of variability during the feature selection and extraction process is unavoidable. The accessibility of the same biometric features is a complex task, since the human face is a dynamic object with a high degree of variability. In this case, Euclidean distance measurement is used to formulate the proposed variability measure. In this method, images are transformed into vector spaces and maintain a direct relationship between objects

where n is the noise matrix, and s is the noise-free or desired dataset. Principal components can be derived from the x dataset,


in geometrical spaces. The main reason for using the Euclidean measurement in the proposed method is that it has the ability to represent these points as a collection of real numbers. Afterwards, these points are used to establish an algebraic relationship among the objects in the vector space, which are then transformed into linear scalar quantities. These quantities are flexible to manipulate and have the ability to respond to variabilities during the feature selection, extraction, and estimation processes.

In the proposed Euclidean geometrical method, the detected face is represented in the 2-D geometrical domain. Afterwards, biometric templates are created from the extracted facial area, eyes, lips, and nose, along with their relative positions. In this case, the proposed Euclidean geometrical method in conjunction with the Sequential Subspace Estimator (SSE) is used to overcome the challenges associated with feature quality and accessibility due to facial expression, orientation, and illumination effects. More specifically, each extracted feature is considered to be a separate image. Thus four biometric templates are created from one facial image, which can then be stored as a single template in the database system. This single template is treated as a template set for an individual and contains 4 subsets of templates. Furthermore, the features are transformed into a Euclidean metric where an estimate of the distance of a set of vectors is performed against a reference point O, shown in Fig. 5. In this case, if p = [p_1 p_2 p_3 ... p_n] and q = [q_1 q_2 q_3 ... q_n] are considered to be in R^n and in the 2-D vector space, then the transformed metric P in the Euclidean domain satisfies the following condition:

Pp . Pq = p . q,   such that P P^T = I          (5)

where P^T is the transpose of P and I is an identity matrix.

Euclidean Distance: Consider two images that can be written as the vectors p = [p_1 p_2 p_3 ... p_n] and q = [q_1 q_2 q_3 ... q_n]. According to Section III-A, the distance between the two images in the Euclidean domain can be stated as follows:

D = sqrt( sum_{i=1}^{n} (q_i - p_i)^2 )          (6)

Normalized outcome, with u and v the normalized forms of p and q:

N = sqrt( (q - p)^T (q - p) ) = sqrt( (v - u)^T (v - u) )

A Euclidean metric matrix Q is developed based on the normalized spatial distances (i.e., the spatial relationships between two points) between the pixels of the respective biometric features. Therefore, according to Eq. (5) and Eq. (6), the Euclidean geometrical formula for the proposed method in 2-D vector space can be stated as follows:

M = sqrt( (v - u)^T Q (v - u) ),   subject to Q Q^T = I          (7)

where M is the desired estimate.

C. Biometric Template Matching

The proposed method is developed under the assumption that the extracted biometric features are highly influenced by position orientation, facial expression, and illumination effects. More importantly, it has been assumed that the candidate biometric features to be extracted are not fixed, and accessing them may be difficult due to this assumption. As a result, four biometric features, including the facial area, eyes, lips, and nose, along with their relative positions (i.e., O as the reference point in Fig. 5), have been extracted from the facial image of an individual. Each is considered a separate image. These four templates are then stored (enrolled) as a single biometric template in the biometric database system. Therefore, the set contains four subsets of templates created from an individual's facial image. On the other hand, during the matching process, any two accessible biometric features along with their relative positions are extracted from the live input facial image (i.e., the test input or image). These two extracted images are used to create two subsets of biometric templates. The two test subsets are selected and extracted based on the accessibility and quality of the features in the live input image. These two templates and their relative positions are then compared with the corresponding two of the four stored templates (i.e., 2 of the 4 subsets) in the database. Therefore, the biometric database contains one set of templates for each individual, and each set contains four subsets of templates constructed from the extracted facial area and the size of the eyes, nose, and lips, along with their relative positions. In this case, each set of biometric templates uniquely represents an individual's identity, as each subset identifies a specific feature of that individual. The system diagram of this process is shown in Fig. 6.

D. Computational Complexity

Computational complexity is an important issue for the proposed method. Starting with Eq. (4), the computational complexity for the vector operation (matrix of vectors) is O(N^2), and for Eqs. (5) and (6) it is also O(N^2).

V. Results and Analysis

The variability method for the authentication (identification and verification) system was tested on images from two public databases: the Put Face Database and the Indian Face Database. In the experiment, we used the Put Face Database to create two sets of image databases: dB1 and dB2, containing 30 and 50 subjects, respectively. Each database contains 10 images of each subject; thus
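The template comparison implied by Eqs. (6) and (7) can be sketched numerically as follows. For illustration, the metric matrix Q is taken as the identity (the paper builds Q from normalized pixel distances), so M reduces to the plain Euclidean distance of Eq. (6).

```python
import math

# Sketch of Eq. (6), D = sqrt(sum (q_i - p_i)^2), generalized to Eq. (7),
# M = sqrt((v - u)^T Q (v - u)). Q is the identity here purely for
# illustration; the paper derives Q from normalized spatial distances.

def metric_distance(u, v, Q):
    """Generalized Euclidean distance between feature vectors u and v under Q."""
    d = [vi - ui for ui, vi in zip(u, v)]
    Qd = [sum(Q[i][j] * d[j] for j in range(len(d))) for i in range(len(d))]
    return math.sqrt(sum(di * qdi for di, qdi in zip(d, Qd)))

u = [0.0, 0.0]                     # stored template vector (toy values)
v = [3.0, 4.0]                     # live input template vector (toy values)
I = [[1.0, 0.0], [0.0, 1.0]]       # identity stand-in for the metric matrix Q
print(metric_distance(u, v, I))    # 5.0 (reduces to plain Euclidean distance)
```

In a matching pass, M would be computed for each of the two accessible live templates against the corresponding stored subsets, and the smallest estimates accepted against a decision threshold.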


Fig. 5: Extraction of Facial Features - Put Face Database.

Fig. 6: Searching and Matching Process

there were 300 and 500 images in databases dB1 and dB2, respectively. In this process, 7 of the 10 facial images of each subject were used to train the system; the remaining three images of each subject were used for testing. The Indian Face Database was also used to create two sets of image databases: dB3 and dB4, containing 10 and 20 subjects, respectively. Each database contains 6 images of each subject; thus there were 60 and 120 images in databases dB3 and dB4, respectively. In this process, 4 of the 6 facial images of each subject were used to train the system; the remaining two images of each subject were used for testing.

In both cases, we stored four biometric templates for each individual, created from the facial area and the size of the eyes, lips, and nose, along with their relative positions. However, comparisons between the input and the stored biometrics were done with any two available features along with their relative positions. Images were taken at different orientations and with different facial expressions, as well as under different lighting conditions. The maximum size of the training dataset was approximately 17.5 MB. Since the proposed biometric authentication method has two modes, identification and verification, the performance evaluation of the proposed method was conducted based on these two modes.

A. Identification

The experiment for the identification process was conducted using databases dB1, dB2, dB3, and dB4. In this process, the received image was compared with all of the stored images in the database. There were 300, 500, 60, and 120 images in databases dB1, dB2, dB3,


and dB4, respectively; therefore there were 300, 500, 60, and 120 sets (two templates for each set) of identification attempts. The performance of the identification process was evaluated using CRR, and the averages were recorded. Comparisons of the proposed method to the state-of-the-art algorithms PCA, LDA, and MLE were also recorded and are shown in Table II and Fig. 7.

TABLE II: Performance Evaluation in (%) - CRR Comparison

Methods          | dB1   | dB2   | dB3   | dB4   | Average
-----------------|-------|-------|-------|-------|--------
Proposed Method  | 88.30 | 86.25 | 94.50 | 93.65 | 90.68
PCA              | 66.45 | 59.80 | 78.65 | 74.80 | 70.19
LDA              | 72.25 | 67.35 | 81.50 | 78.45 | 74.89
MLE              | 70.85 | 66.05 | 80.20 | 76.65 | 73.44

TABLE III: Performance Evaluation in (%) - FAR, FRR, and EER Comparison

Methods          |         dB1          |          dB2
                 | FAR  | FRR  | EER    | FAR  | FRR   | EER
-----------------|------|------|--------|------|-------|------
Proposed Method  | 0.87 | 6.10 | 3.65   | 3.75 | 8.70  | 5.80
PCA              | 8.60 | 9.25 | 10.10  | 9.50 | 13.40 | 15.65
LDA              | 7.65 | 5.30 | 8.20   | 4.55 | 12.85 | 12.37
MLE              | 7.20 | 8.90 | 9.50   | 8.75 | 12.65 | 14.25

TABLE IV: Performance Evaluation in (%) - FAR, FRR, and EER Comparison

Methods          |         dB3          |          dB4
                 | FAR  | FRR  | EER    | FAR  | FRR  | EER
-----------------|------|------|--------|------|------|------
Proposed Method  | 0.82 | 3.55 | 1.85   | 0.84 | 3.85 | 2.65
PCA              | 2.15 | 4.25 | 5.15   | 3.25 | 5.30 | 7.45
LDA              | 1.50 | 3.85 | 3.75   | 3.85 | 4.60 | 5.90
MLE              | 1.35 | 3.75 | 2.50   | 3.25 | 4.15 | 6.50

B. Verification

The verification of a genuine person was conducted by comparing the facial image of each person with the other facial images of the same person. Impostor processing was conducted by comparing the facial image of one person with the facial images of other persons. There were 90, 150, 20, and 40 testing samples for databases dB1, dB2, dB3, and dB4, respectively; therefore there were 90, 150, 20, and 40 sets (two templates for each set) of genuine matches. The verification performance was evaluated using the False Acceptance Rate (FAR), False Rejection Rate (FRR), and Equal Error Rate (EER). The percentages of FAR and FRR and the corresponding EER points were determined, and the experimental results were recorded. Comparisons of the proposed method to the state-of-the-art algorithms PCA, LDA, and MLE were also collected and are shown in Tables III-V and Figs. 8-11. The average execution time for each database is given in Table VI.
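The FAR, FRR, and EER figures reported in these tables can be computed from genuine and impostor match scores as sketched below. All score values here are invented for illustration; the paper does not publish its raw scores.

```python
# Sketch of FAR/FRR/EER evaluation: sweep a decision threshold over genuine
# and impostor distance scores (lower score = better match). All score
# values below are invented for illustration.

def far_frr(genuine, impostor, threshold):
    """FAR: impostors accepted (score below threshold);
    FRR: genuine users rejected (score at or above threshold)."""
    far = sum(s < threshold for s in impostor) / len(impostor)
    frr = sum(s >= threshold for s in genuine) / len(genuine)
    return far, frr

def eer(genuine, impostor, steps=1000):
    """Approximate the Equal Error Rate: the operating point where FAR = FRR."""
    lo, hi = min(genuine + impostor), max(genuine + impostor)
    best_gap, best_rate = None, None
    for k in range(steps + 1):
        t = lo + (hi - lo) * k / steps
        far, frr = far_frr(genuine, impostor, t)
        if best_gap is None or abs(far - frr) < best_gap:
            best_gap, best_rate = abs(far - frr), (far + frr) / 2
    return best_rate

genuine = [0.10, 0.20, 0.25, 0.30]    # distances for true matches
impostor = [0.28, 0.60, 0.70, 0.80]   # distances for impostor attempts
print(far_frr(genuine, impostor, 0.29))  # (0.25, 0.25)
print(eer(genuine, impostor))            # 0.25
```

Plotting FAR and FRR over the full threshold sweep reproduces the kind of curves shown in Figs. 8-11, with the EER at their crossing point.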

VI. Discussions and Conclusions

The proposed variability method addressed two important issues of facial biometrics, quality and accessibility, for biometric authentication. In this experiment, it is assumed that the associated challenges during the feature selection and extraction process are due to the combined effects of position orientation, facial expression, and illumination on the biometric features. A variability method for facial authentication has been developed in the Euclidean 2-D vector space. The extracted biometrics are considered as a collection of points in the 2-D geometrical coordinate system. In this experiment, two different databases, dB1 and dB2, were created from the Put Face Database, containing 30 and 50 subjects, each with 10 images. As well, two databases, dB3 and dB4, were created from the Indian Face Database, containing 10 and 20 subjects, each with 6 images. The Indian Face Database is less influenced by the effects of various lightings, backgrounds, and facial expressions. The main reason for using two different public databases is to test the proposed variability method under two different environmental conditions and discover the average effect on the facial authentication process. Furthermore, in both cases, four biometric templates (from an individual image) using the extracted facial area, eyes, lips, and nose features were created and stored in the database as a single template for an individual, each set with 4 subsets of templates. During the comparison process, two templates were created from the extracted live input biometrics. These templates were compared with two of the four


Fig. 7: Identification - Performance Comparison. (a) PUT Face Database; (b) Indian Face Database. [Line plots of % of Efficiency vs. database size (dBase) for the Proposed Method, PCA, LDA, and MLE.]

Fig. 8: Verification - Performance Evaluation. (a) FAR and FRR - dB1; (b) ROC - dB1. [FAR/FRR vs. threshold curves marking the EER point, and ROC curves (False Acceptance Rate vs. False Rejection Rate) with surveillance-zone and top-level-security regions, for the Proposed Method, PCA, LDA, and MLE.]


Fig. 9: Verification - Performance Evaluation. (a) FAR and FRR - dB2; (b) ROC - dB2. [Same curve layout as Fig. 8.]

Fig. 10: Verification - Performance Evaluation. (a) FAR and FRR - dB3; (b) ROC - dB3. [Same curve layout as Fig. 8.]


Fig. 11: Verification - Performance Evaluation. (a) FAR and FRR - dB4; (b) ROC - dB4. [Same curve layout as Fig. 8.]

TABLE V: Performance Evaluation in (%) - EER Comparison

Methods          | Put Face | Indian Face | Average
-----------------|----------|-------------|--------
Proposed Method  | 4.73     | 2.25        | 3.49
PCA              | 12.88    | 6.30        | 9.59
LDA              | 10.29    | 4.83        | 7.56
MLE              | 11.88    | 4.50        | 8.18

corresponding stored subsets of templates.

The experimental results of the authentication process are recorded in Tables II-VI, and the Receiver Operating Characteristic (ROC) curves of the proposed method based on the four databases are also included. The ROC curve measures the performance of the verification system. The FAR and FRR presented in the ROC curves characterize the verification accuracy, and the EER point represents the performance of the verification system. The experimental results of the verification process are recorded in Tables III-V. In addition, the performance of the identification process for the proposed method is evaluated based on CRR, and these results are recorded in Table II. Furthermore, the simulation outcomes for the identification and verification are presented in Figs. 7-11. More importantly, the performance of the proposed method is analyzed and compared with three state-of-the-art algorithms, namely PCA, LDA, and MLE. The experimental results show that the proposed method outperforms its counterparts with a promising CRR of 90.68% and an EER of 3.49%.


Faculty of Science (Girls)

the attackers which lead to compromise the authentication

schemes [7]. Thus, using one time password (OTP) is anefficient way to secure the authentication scheme. Where,OTP is the identity password of a user which changes withevery user login [8].

AbstractRemote user authentication plays the most fundamental procedure to identify the legitimate users of aweb service on the Internet. In general, the password-basedauthentication mechanism provides the basic capability toprevent unauthorized access. Since, many researchers haveproposed a number of password based authentication schemeswhich rely on a single channel for authentication. However toachieve a better security, it is possible to engage multi-channelsfor authenticating users. In this paper, we propose an efficientone time password (OTP) based authentication protocol overa multi-channels architecture. Where, the proposed protocolemploying the RC4-EA encryption method to encrypt the plainOTP to cipher-OTP. Then, Quick Response Code (QR) codeis used as a data container to hide this cipher-OTP. Also, thepurpose of the protocol is integrate a web based applicationwith mobile-based technology to communicate with the remoteuser over a multi-channels authentication scheme. The mainadvantage of the proposed protocol is to highly secure theauthentication system by preventing the OTP from eavesdropping attack. Also, by integrating a Web-based applicationwith mobile-based technology as a multi-channels scheme; theproposed protocol helps to overcome many challenging attackssuch as replay attack, DoS attack, man-in-the-middle (MITM)attack, real-time phishing (RTP) and other malware attacks.

This paper proposed one time password (OTP) authentication protocol for remote user login. Where, the plainOTP is encrypted in the form of cipher-OTP using RC4-EAencryption method in order to keep it secret [9]. Since thecrypt-systems have over grown, it would not be enough toencrypt the stuffed contents of the plain-OTP. Hence, weneed to work on the inevitability that its existence should bekept secret. Thus, Quick Response code(QR) code is used asa data container to hide the cipher-OTP [10]. Also, to ensuresafe and secure remote user authentication, multi-channelsauthentication (MCAs) is used [11]. Where, the idea behindusing MCA is to ensure integrity and authenticity of userauthentication [12] . So that, for an attacker to compromisea user account; different independent channels have to becompromised first before gaining full access to the useraccount [13].

Keywords-Authentication; Multi-Channel Authentication

(MCA); Data hiding; Quick Response Code (QR) code;Encryption.

The advantages of the proposed user authentication

protocol are to prevent the OTP from eavesdroppingattack by adopting the RC4-EA encryption method andthe QR-code technique. Also, to overcome the drawbackof the man-in-the-middle/browser (MITM/B), real-timephishing/pharming (RTP/P) and malware attacks; byintegrating a Web-based application with mobile-basedtechnology as a multi-channels.

I. INTRODUCTION

The Internet has become the most convenient environment for business, education, bill-paying and e-commerce around the world [1]. Internet security is therefore an important issue for preventing confidential information from being accessed by unauthorized users [2]. Remote authentication of users is currently one of the most important services on the Internet, where remote user authentication is the process of identifying a legitimate user of a particular web service [3]. Most authentication schemes use a smart card, debit card, or Automated Teller Machine (ATM) card to restrict access to resources [4]. These schemes are often impractical due to their infrastructure requirements [5]. Owing to their low cost, efficiency and portability, passwords are the most common and convenient way to authenticate a remote user [6]. However, such passwords become a sensitive target for

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

II. AN OVERVIEW

A. One Time Password Technique (OTP)

One-time password (OTP) authentication is used to secure websites and to minimize the potential for unauthorized access [14]. The concept behind an OTP is that it can be used only once: it is valid for a single login session or for a very short period of time [15]. Even if an attacker is able to obtain this user credential, the OTP may either no longer be valid or be prohibited from further use. OTPs can help mitigate typical phishing attempts and replay attacks [16]. Various algorithms for the generation of OTPs are listed below [14]:
1) Time synchronization between the authentication server and the client providing the password, where OTPs are valid only for a short period of time.
2) A mathematical algorithm that generates each new password from the previous password, so the OTPs effectively form a chain and must be used in a predefined order.
3) A mathematical algorithm where the new password is based on a challenge (e.g., a random number chosen by the authentication server) and/or a counter.
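The generation methods listed above can be illustrated with a short sketch. The code below is not the paper's own generator; it follows the standard HMAC-based construction (RFC 4226/6238 style), where a counter-based code (method 3) becomes a time-synchronized code (method 1) by deriving the counter from the clock.

```python
import hmac, hashlib, struct, time

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Counter-based OTP (RFC 4226 style): HMAC-SHA1 over the counter,
    dynamically truncated to a short decimal code."""
    msg = struct.pack(">Q", counter)
    digest = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, period: int = 30, digits: int = 6) -> str:
    """Time-synchronized OTP: the counter is the current 30-second window,
    so the code is valid only for a short period (method 1 above)."""
    return hotp(secret, int(time.time()) // period, digits)
```

For example, `hotp(b"12345678901234567890", 0)` yields the RFC 4226 test value `"755224"`.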

well as some information bits that tell a QR decoder what type of QR code it is. After generating the string of bits, the Reed-Solomon technique is used to generate error correction [21]. The data resulting from the string of bits and the error correction is used to generate eight different QR codes, each of which uses a different mask pattern. A mask pattern controls and changes the pixels to black (0) or white (1), which ensures that the QR code does not contain patterns that might be difficult for a QR decoder to read [21]. Finally, the QR code that uses the best mask pattern is generated, as shown in Figure 1.

B. Dynamic RC4-EA Encryption Method

Cryptography plays a major role in preventing eavesdropping on sensitive information [17]. ElDahshan et al. proposed the dynamic RC4-EA method [18], which is used for encrypting and decrypting plaintext. The advantage of the RC4-EA method is that it increases the security of the system by generating the secret keys dynamically: an Evolutionary Algorithm (EA) is adapted to generate a dynamic secret key that is used as the seed of the RC4 encryption algorithm, so the final keystream cannot be cracked by an attacker. An XOR operation is then performed between this final keystream generated by the RC4-EA method and the plaintext to obtain the ciphertext, and vice versa [18].
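As a rough illustration of the encryption step, the sketch below implements plain RC4 and the XOR step described above. The EA-generated dynamic seed of [18] is out of scope here, so a fixed key stands in for it; this is an assumption, not the paper's method.

```python
def rc4_keystream(key: bytes):
    """RC4: key-scheduling (KSA) followed by pseudo-random generation (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # KSA: permute S with the key
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    while True:                               # PRGA: emit keystream bytes
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) % 256]

def rc4_xor(key: bytes, data: bytes) -> bytes:
    """XOR the keystream with the data; the same call also decrypts."""
    return bytes(b ^ k for b, k in zip(data, rc4_keystream(key)))
```

With the well-known test vector, `rc4_xor(b"Key", b"Plaintext")` produces the ciphertext `bbf316e8d940af0ad3` (hex), and applying `rc4_xor` again with the same key recovers the plaintext.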

Figure 1. Structure of QR code

D. Multi-Channels base Authentication (MCA)

Authentication is an important aspect of a secure system, in which a user proves his identity by revealing certain secrets he possesses [2]. Most proposed authentication schemes use a single channel to authenticate users. These schemes have undoubtedly improved security, but they have not eliminated the possibility of certain kinds of attacks, such as man-in-the-middle/browser (MITM/B), real-time phishing/pharming (RTP/P) and malware. Therefore, researchers have devised other schemes to overcome these drawbacks, such as multi-channel authentication (MCA), e.g., a web channel combined with a mobile network channel [13].

C. Data Hiding Using QR-Code

In order to hide information, we need a data container suited to the purpose. The data container may be an image, a video or a Quick Response (QR) code [7]. The QR code was developed by the Japanese Denso Wave corporation in 1994 [10]. It is a two-dimensional array that can hold a considerably greater volume of information than a one-dimensional barcode: 7,089 numeric characters, 4,296 alphanumeric characters or 2,953 bytes of binary (8-bit) data [19]. The QR code includes an encoding region and function patterns: the encoding region stores the data, while the function patterns include position detection patterns, separators for position detection patterns, timing patterns and alignment patterns [20]. To generate a QR code, a string of bits is needed. This string includes the characters of the original message, as

In theory, MCA offers superior security over single-channel authentication schemes: for an attacker to compromise a user account, several independent channels have to be compromised before full access to the account is gained [13]. MCA also makes it much harder for non-targeted attacks to compromise users' accounts, especially if the attacker is not geographically close enough to the user to gain access to the designated devices used by some channels.


http://sites.google.com/site/ijcsis/ISSN 1947-5500


The major aim of the proposed protocol is to eliminate the drawbacks of password-guessing attacks. The proposed protocol uses an OTP encrypted by the RC4-EA method and then hides the cipher-OTP in a QR code. It also integrates web-based applications and mobile devices for user authentication over multiple channels. The proposed protocol involves two parties: a server (S) and a remote user (U). Each authorized U can request service from S with the granted access rights. In addition, each U has an electronic mail account and holds a mobile device. The protocol consists of four phases: an initialization phase, a registration phase, a login phase and an authentication phase. The notations employed throughout this paper are shown in Table I.

A. Initialization Phase

In this phase, Internet Protocol Authentication (IPAuth), a protocol suite for securing Internet communications by authenticating each IP packet of a communication session, takes place between the two parties, a server and a user. The steps of IPAuth are explained below:
1) Assume that U requests to join the system from S.
2) S checks U_Prox: if U accesses the system through a proxy, then S blocks the U connection.
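The IPAuth checks above can be sketched as follows. This is a hypothetical illustration, not the paper's implementation: the header names, the whitelist contents and the `ip_auth` helper are all invented for the example.

```python
# Hypothetical sketch of the IPAuth steps: the server blocks connections
# arriving through a proxy (U_Prox) and admits only addresses on the
# whitelist of allowed IPs (U_WIP, see Section IV).
ALLOWED_IPS = {"203.0.113.7", "198.51.100.24"}   # example U_WIP whitelist
PROXY_HEADERS = ("X-Forwarded-For", "Via")       # common proxy markers

def ip_auth(client_ip: str, headers: dict) -> bool:
    if any(h in headers for h in PROXY_HEADERS): # U_Prox: proxy detected,
        return False                             # block the connection
    return client_ip in ALLOWED_IPS              # U_WIP whitelist check
```

A direct connection from a whitelisted address passes, while the same address behind a proxy, or any unlisted address, is rejected.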

IV. IMPLEMENTATION AND SECURITY ANALYSES

Instead of using a traditional smart card for remote user authentication, the proposed protocol adopts the RC4-EA encryption method to encrypt the plain OTP and then hides the cipher-OTP in a QR code. The user's electronic mail account and mobile device are responsible for receiving the OTQR and the OTP, acting as multiple channels to achieve mutual authentication between U and S. The performance of the proposed authentication protocol was tested using a server with a 32-core AMD Opteron 6376 processor, 32 GB of RAM and 4 RAID-1 disks, a laptop (Intel i5, 1.80 GHz processor, 2 GB RAM) and a simple mobile phone. The experiments were implemented in a PHP-MySQL environment.

Table III. Login table to the main website with OTQR via email

U.N    | OTQR       | DC                  | Status      | DU
aqwers | (QR image) | 2015-05-24 18:50:15 | 1 (Valid)   | Ready to Use
aqwers | (QR image) | 2015-05-24 17:47:43 | 0 (Expired) | 2015-05-24 17:49:15
aqwers | (QR image) | 2015-05-23 18:31:38 | 2 (Expired) | Not Used

Table IV. Login table to the main website with OTP via SMS

U.N    | OTP      | DC                  | Status      | DU
aqwers | F21P40Ui | 2015-05-24 18:50:15 | 1 (Valid)   | Ready to Use
aqwers | nH8XxG62 | 2015-05-24 17:47:43 | 0 (Expired) | 2015-05-24 17:51:15
aqwers | B0Ej0PF6 | 2015-05-23 18:31:38 | 2 (Expired) | Not Used

B. Security Analyses

The security of the proposed protocol is analyzed under the possible types of attack listed below:

A. Implementation

1) Prevent Replay Attack: In this type of attack, the intruder gathers the communication messages exchanged between U and S and then tries to replay the same messages, acting as a legitimate user. In the proposed authentication protocol, the random nonce values r1, r2 and a, together with a time stamp T, are generated for each session, and the parameters in all messages are related to them. These values are verified by S as in equations 4 and 5. S checks the time interval T within which the request is received; if the time stamp is not within this interval, the server S rejects the intruder's attempt to access the service. Therefore, the proposed protocol is secure against replay attacks.
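The freshness check can be sketched minimally as follows, assuming a freshness window and a server-side record of seen nonces (both illustrative; the paper fixes no concrete values).

```python
import time

FRESHNESS_WINDOW = 60      # seconds; illustrative, not from the paper
seen_nonces = set()        # server-side record of nonces already accepted

def accept_request(nonce, timestamp, now=None):
    """Reject replays: the timestamp must fall inside the freshness
    window and the nonce must not have been seen before."""
    now = time.time() if now is None else now
    if abs(now - timestamp) > FRESHNESS_WINDOW:
        return False               # stale: outside the interval T
    if nonce in seen_nonces:
        return False               # replayed message
    seen_nonces.add(nonce)
    return True
```

A fresh request passes once; replaying the same nonce, or presenting a stale timestamp, is rejected.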

The proposed user authentication protocol is robust, secure, reliable and very hard for illegitimate users to crack. Implementing the OTQR/OTP techniques helps mitigate typical phishing attempts. Whenever a user wishes to log in to the website, the first step is that U must come from the white list of allowed IP addresses U_WIP. The second step is to enter U_ID and U_PW for remote user authentication. Once U is logged in, he receives the OTQR by email and the OTP by SMS on his registered electronic mail account and mobile number, respectively. The server stores the OTQR/OTP together with the date created (DC). An OTQR/OTP with status value 1 is valid, which signifies that it can still be used by U. The moment U uses the generated OTQR/OTP, it expires, its status value changes from 1 to 0, and the server registers the OTQR/OTP date used (DU). If U does not use the OTQR/OTP within a period of 5 minutes, it expires and its status value changes from 1 to 2, as shown in Tables II, III and IV.
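The status lifecycle above (1 = valid, 0 = used, 2 = expired after 5 unused minutes) can be sketched as a small helper; the function name is illustrative.

```python
from datetime import datetime, timedelta

VALID, USED, TIMED_OUT = 1, 0, 2    # status codes as in Tables II-IV
TTL = timedelta(minutes=5)          # unused OTQR/OTP lifetime

def current_status(created, used_at, now):
    """Status of one OTQR/OTP record, mirroring the lifecycle above."""
    if used_at is not None:
        return USED                 # 1 -> 0 the moment it is used
    if now - created > TTL:
        return TIMED_OUT            # 1 -> 2 after 5 unused minutes
    return VALID
```

For the first row of Table IV, a code created at 18:50:15 is still status 1 a minute later, becomes 0 once a date-used is recorded, and becomes 2 if six minutes pass unused.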

2) Prevent Man-in-the-middle Attack: In this type of attack, the malicious user listens to the communication channel between S and U. In the proposed authentication protocol, the intruder may intercept the web/mobile communication messages, but he will never be able to


encrypted using the RC4-EA encryption method, with the cipher-OTP then hidden using the QR-code technique. Therefore, the data cannot easily be retrieved without adequate authorization. A further purpose of the paper is to integrate a web-based application with mobile-based applications, making the scheme more secure than general authentication methods. The integration of web and mobile-based applications is a multi-channel authentication scheme that is better than single-channel authentication. The proposed authentication protocol is also more convenient, because the burden of carrying a separate hardware token is removed. Moreover, this protocol helps to overcome many challenging attacks such as replay, DoS, man-in-the-middle and other malware attacks.

compute the OTQR and the OTP, since they are based on random nonce values chosen fresh for each new session. Hence, the protocol is secure against man-in-the-middle attacks.

3) Prevent Denial of Service (DoS) Attack: In a DoS attack, the attacker floods S with a large number of illegal access requests, aiming to consume S's critical resources. By exhausting these resources, the attacker can prevent S from serving legitimate users. In the proposed authentication protocol, for every access request from any user U, S checks U_Prox and U_IP as explained in Section III-A. Thus, the proposed protocol does not suffer from DoS attacks.

REFERENCES

4) Prevent Website Manipulation: One website-manipulation attack is SQL injection, a hacking technique that attempts to pass SQL commands through a web application so that they are executed by the back-end database. SQL injection is useless against the proposed authentication protocol, since the protocol sanitizes input with the mysql_real_escape_string() function. Thus, the proposed protocol is secure against SQL injection attacks.
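The paper's implementation escapes input with PHP's mysql_real_escape_string(); the sketch below shows the equivalent defense in Python using parameterized queries, which keep attacker input out of the SQL grammar entirely. Table and column names are illustrative, not from the paper.

```python
import sqlite3

# Illustrative in-memory table standing in for the paper's MySQL schema.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (uid TEXT, pw TEXT)")
conn.execute("INSERT INTO users VALUES ('aqwers', 'secret')")

def login_ok(uid, pw):
    """Check credentials with placeholders, not string concatenation,
    so injected SQL is treated as literal data."""
    row = conn.execute(
        "SELECT 1 FROM users WHERE uid = ? AND pw = ?",
        (uid, pw),
    ).fetchone()
    return row is not None
```

The classic payload `' OR '1'='1` fails here, because the whole string is compared as a password value rather than parsed as SQL.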

5) Prevent Phishing Attack Via the Web: Phishing is a form of online identity theft that aims to steal sensitive information. In the proposed authentication protocol, even if the intruder knows U_ID and can obtain U_PW by replacing the actual web page with a similar one, it would be difficult to obtain the OTQR and OTP, because they are sent over multiple channels and must be used within a specified time stamp, as in equations 4 and 5.

6) Prevent Keylogger Attack: Keyloggers are applications or devices that monitor the physical keystrokes of a user's computer, gathering the information for later retrieval or sending it to a spyware server. Keyloggers are useless against the proposed authentication protocol, since the protocol uses a virtual keyboard, which prevents a keylogger from recording U's sensitive data. Thus, the proposed protocol is secure against keylogger attacks.

The major contribution of this paper is a multi-channel user authentication protocol that enhances the security of remote user login. The proposed protocol adopts a one-time password (OTP) which is

[9] A. A. Elngar, K. A. El Dahshan, E. K. Elsayed, and A.


the CEO of ICGST LLC, Delaware, USA.

[10] D. Sonawane, M. Upadhye, P. Bhogade, and S. Bajpai, "QR Based Advanced Authentication for all Hardware Platforms," International Journal of Scientific and Research Publications, vol. 4, no. 1, 2014.

Kamal Abdelraouf ElDahshan is a professor of Computer Science and Information Systems at Al-Azhar University in Cairo, Egypt. An Egyptian national and graduate of Cairo University, he obtained his doctoral degree from the Université de Technologie de Compiègne in France, where he also taught for several years. During his extended stay in France, he also worked at the prestigious Institut National des Télécommunications in Paris. Professor ElDahshan's extensive international research, teaching, and consulting experiences have spanned four continents and include academic institutions as well as government and private organizations. He taught at Virginia Tech as a visiting professor; he was a consultant to the Egyptian Cabinet Information and Decision Support Center (IDSC); and he was a senior advisor to the Ministry of Education and Deputy Director of the National Technology Development Center. Prof. ElDahshan has taught graduate and undergraduate courses in information resources and centers, information systems, systems analysis and design, and expert systems. Professor ElDahshan is a professional Fellow on Open Educational Resources as recognized by the United States Department of State. Prof. ElDahshan wants to work in collaboration with the Ministry of Education to develop educational material for K-12 levels. Prof. ElDahshan is interested in training instructors to be able to use OER in their teaching and hopes to make his university a center of excellence in OER and offer services to other universities in the country.

[19] A. Gaikwad, K.R.Singh, Information Hiding using Image

Ahmed A. Elngar graduated with a B.Sc. in Computer Science from the Computer Science Department, Al-Azhar University, in 2004, and received a Master of Computer Science on Intrusion Detection Systems (IDS) from Ain Shams University in 2012. He is now a Ph.D. student at the Computer Science Department, Al-Azhar University. He is also a member of the Egyptian Mathematical Society (EMS) and the International Rough Set Society (IRSS).

Ashraf Aboshosha graduated with a B.Sc. in industrial electronics from Menoufia University, Egypt, in 1990. In 1997 he received his M.Sc. in automatic control and measurement engineering. From 1997 to 1998 he was a guest researcher at the research centre Jülich (FZJ), Germany. From 2000 to 2004 he was a doctoral student (DAAD scholarship) at Eberhard Karls University, Tübingen, Germany, where he received his doctoral degree (Dr. rer. nat.) in 2004. He is


A framework for future application of RFID technology for school and vocational trainings on Internet of Things

Ahmad Shaker Abdalrada
Faculty of Art
University of Wasit
Wasit, Iraq

fundamental use is in tracking students via RFID (resources). This can be applied in university, school and vocational training settings for examining flows with IoT.

Abstract—Radio Frequency Identification (RFID) is a contactless automatic identification technology that carries signals over radio frequency to provide relevant destination information without direct intervention, and can identify school children across an assortment of study surroundings. Since schools and vocational institutes provide their training through unmatched data streams, they cannot adequately satisfy upcoming study demand. The Internet of Things (IoT) overcomes the customary flaws of such structures, supporting universities, schools and the worldwide vocational-training community in their greatest concerns and examinations.

Keywords: RFID Innovation, Internet of Things, Future Application

The objectives of this work are:
- To promote the objectives of the whole education community with IoT.
- To highlight opportunities for research and innovation in educational and vocational training.
- To identify the current state of the technology and identify future requirements for schools.
- To introduce the school community to a new era of RFID future applications using IoT.

II. LITERATURE REVIEW

In its simplest form, RFID [7, 8] is a concept similar to barcode technology, but without requiring direct visibility of the scanned entities, as presented in Figure 1. Just as barcode systems require a suitable optical reader and special labels attached to items, RFID needs reader hardware and special labels or cards attached to the students' belongings in order for them to be tracked.

I. INTRODUCTION

The Internet of Things (IoT) [1, 2] is characterized as a combination of RFID [3, 4], infrared sensors, laser scanners, global positioning systems and supporting data-sensing devices which, according to agreed conventions, connect any article to the Internet for data exchange and communication, in order to achieve intelligent identification, location, tracking, monitoring and management of a network. The IoT concept was set out in 1999 [5, 6]. IoT means "material articles joined with the Internet". It has two implications: first, the core of the network continues to be the Internet, extended and developed on the Internet's basis; second, the client end is extended to ordinary objects for data exchange and communication.


RFID is an innovation of significant educational and training value and tremendous potential. RFID promises to supplant the ancient barcode and adds ongoing visibility of analysis, regardless of the location within the school network. RFID applications are found in many different fields, but its

Figure 1: Conceptual diagram of RFID reader (RFID tag, antenna, RFID reader, computer, database, and analysis result displayed over the Internet)


articles are outfitted with a small, inexpensive tag. The tag contains a transponder with a digital memory chip that is given a unique electronic product code. The interrogator, an antenna packaged with a transceiver and decoder, transmits a signal activating the RFID tag so that it can read and write data to it. When an RFID tag passes through the electromagnetic zone, it detects the reader's activation signal [20]. The reader decodes the data encoded in the tag's integrated circuit, and the decoded data is forwarded to the host computer. Application software arranged at the host computer processes the data, executing various filtering procedures to reduce the numerous, frequently redundant reads of the same tag to smaller and more useful data sets [21].

III. THE APPLICATION OF RFID IN IOT

Despite the fact that RFID technologies have been around for almost three decades, it is only recently that the technology has been gaining significant momentum, due to the convergence of falling costs and increased capabilities of RFID tags [22]. At present, RFID is emerging as an important technology for transforming a wide range of applications, including supply-chain administration, retail, aircraft upkeep, anti-counterfeiting, baggage handling and health care [23]. It also heralds the rise of economical and profoundly effective pervasive computers that will have dramatic effects on people, associations and societies. Numerous associations are planning to exploit, or have already exploited, RFID in their fundamental operations to take advantage of the potential for more automation, efficient learning procedures and improved visibility [24]. For instance, recent news indicates that top retail corporations have reduced stock-outs by 30 percent overall in the wake of launching their RFID programs. Numerous forecasts agree that RFID will provide new eras of ventures worth billions.

Figure 2: RFID tag, RFID reader (interrogator) and computer connected to the Internet.

The next part is the RFID interrogator, which communicates with (also called interrogating) the RFID tags [12]. The last part is the software back-end framework that interfaces the RFID interrogators with a centralized database of schools [13]. This unified database contains extra data, for example cost, for each RFID-labeled item.

Future applications of IoT could oversee each item continuously and manage the school building design. They would not only manage the flow in the supply chain and share data, but also analyze the data produced by each method and calculation. By deriving data from the present system of student RFIDs, the future pattern and the likelihood that a mishap occurs can be evaluated, remedial methods can be adopted, and advance notice can be given. This could enhance the capacity of ventures to react to school business [25].

RFID innovation is widespread and can nowadays be found in numerous uses, among them RFID scanners, RFID printers, RFID antennas and RFID readers. Radio frequency identification, or RFID, describes a framework that communicates the identity of an object wirelessly, using radio waves, in the form of a unique serial number [18]. An RFID framework comprises several components: tag transponders, tag readers, an antenna, and an interface [19]. In an ordinary RFID framework, individual
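The read pipeline described here — tags, readers, and a backend that filters out the frequently redundant reads of the same tag before storing events — can be sketched as a simple de-duplication window. The function name and window length are illustrative assumptions, not from the paper.

```python
def filter_reads(raw_reads, window=5):
    """Drop repeat reads of the same tag arriving within `window` seconds,
    mimicking the backend filtering of redundant reads."""
    last_seen = {}    # tag code -> timestamp of last accepted read
    events = []
    for tag_id, t in raw_reads:          # (tag code, read timestamp)
        if tag_id in last_seen and t - last_seen[tag_id] < window:
            continue                     # redundant read of the same tag
        last_seen[tag_id] = t
        events.append((tag_id, t))
    return events
```

For instance, a tag read at t=0 and again at t=1 yields one event, while a later read at t=7 is kept as a new event.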


IoT influences supply-chain administration in the manufacturing connection, warehousing connection, transportation connection and selling connection [27]. This gives schools an almost complete learning-transformation response to varied academic business rapidly, improving the versatility with which the school network reacts to academic business variations.

IV. METHODOLOGY

Although RFID has long been viewed as a forward-looking innovation, its selection across many commercial enterprises has made it a great deal more typical. As RFID becomes more predominant across an assortment of commercial enterprises, school associations looking to pick up an upper hand are now using the innovation in a mixture of creative ways the school sector has not seen before [28]. The inquiry that numerous schools are presently asking is: where are RFID tags moving? The answer appears to be a splendid future for the innovation, with extra value-added components showing up at comparable expense. Presently, RFID is changing utility operations through smart patterns that gather and communicate the measure of power devoured in a family unit. Smart meters [28] are an illustration of an innovation that is fundamentally varying market procedures by recording the consumption of electric utilities at normal intervals and conveying this usage for checking and charging from the back end.

Figure 4: Future application scenario for school using RFID on IoT

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

Figure 5: Framework of RFID application on IoT (the RFID tags, Internet-connected readers, and a server with database and analysis algorithm).

Figure: Process flow of RFID application (start → install RFID tags on IoT → visit school address → transmit the tag code → check RFID install → download program files → read the tag → transmit the result from the tag → transmit information to tag randomly → exam the code and produce random data → resend computed result → resend the final exam result → end).

Also, the purchaser uses the telephone to read the item tag to obtain the RFID code for the item and submits it to the anti-counterfeiting service on the school server. When the encrypted code matches the standard RFID coding of the school's RFIDs, the main server queries its own security cryptographic calculation to create its random data and passes it on to the student's telephone; in the meantime, the school server computes the random data according to the security cryptographic calculation and records the computed results.

Figure 6: Functionality of RFID application on IoT

When students receive an item with an RFID anti-counterfeiting label, they use the label code to access the school network's anti-counterfeiting data services address through RFID-enabled cellular telephones or Internet-connected PCs furnished with read-write RFID labels, and then request services to obtain item-related data for verifying the item's legitimacy. An RFID-enabled cell telephone, for instance, can demonstrate the particular anti-counterfeiting steps when the buyer needs to distinguish the authenticity of the item.

Thirdly, the student's telephone presents its random data to the label or tag when it is connected with the school server; after the label's internal computation, the outcome is shown by the cell telephone and finally referred through the cellular telephone to the school server for checking. At long last, the school server checks the student data it received against its own previously preserved computation, and retransmits the message "the study content is genuine" to the cellular telephone if they are consistent.
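The challenge-response exchange described above can be sketched under loose assumptions: HMAC-SHA256 stands in for the unspecified "security cryptographic calculation", and the shared tag key and function names are invented for the example.

```python
import hmac, hashlib, os

# Hedged sketch of the anti-counterfeiting exchange: the server issues
# random challenge data, a genuine tag answers with a keyed computation
# over it, and the server recomputes and compares the results.
TAG_KEY = os.urandom(16)   # secret shared between a genuine tag and the server

def tag_response(challenge, key=None):
    """The tag's internal computation over the server's random data."""
    return hmac.new(key or TAG_KEY, challenge, hashlib.sha256).digest()

def server_verify(challenge, response, key=None):
    """The server recomputes its own result and checks consistency."""
    expected = tag_response(challenge, key)
    return hmac.compare_digest(expected, response)
```

A genuine tag's response verifies, while a forged response (one computed without the shared key) is rejected.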

Primarily, the student acquires the school community anti-counterfeiting server address from the study item portrayal or other identification directly. When accepting the RFID-labeled items, the student uses the RFID-enabled telephone to visit the school Web site and keep a copy of the system records that the school maintains through the main server, following reminders. After joining and running with the school server, the telephone enters the interactive procedure.

V. CONCLUSION

RFID is an imminent automatic identification technique, considered by many a standout among the most pervasive computing technologies ever. RFID is based on remotely retrieving and storing data using devices termed RFID transporters or RFID labels. An automatic identification technology, for example an Auto-ID framework based on RFID, is a vital resource for learning frameworks for two reasons. As a matter of first importance, the visibility provided by this technology permits accurate knowledge of the study level by eliminating the inconsistency between exam records and physical records. In addition, RFID technology can anticipate or diminish sources of errors. Advantages of utilizing RFID technology incorporate the reduction of labor expenses, the improvement of school procedures and the lessening of learning mistakes.


Towards Understanding User Perceptions of Biometrics Authentication Technologies

Abdullah Rashed and Nancy Alajarmeh
Independent Researcher
Tafila Technical University

Abstract. Human misbehavior causes security-system breaches. One of the reasons behind this fact is the neglect of human acceptance; for that reason, new technologies usually face rejection or acceptance issues. The Technology Acceptance Model (TAM) is one of the well-known models used to predict the acceptance of new technologies. Biometrics as an authentication direction is still under development. Relying on biometrics for authentication has some important characteristics; mainly, it is faster and easier, because users are not confronted with unfamiliar interfaces such as typing a password, signing, or even deliberately exposing some part of the body. This study investigates users' intention to use biometrics as an authentication tool among young Arab people. A survey involving 74 individuals was conducted. The results reveal that perceived ease of use and perceived usefulness are significant drivers of the intention to use biometrics as an authentication tool. In addition, the results show that perceived usefulness is the most crucial factor in deciding whether or not to adopt new technologies.

Keywords: Intention to Use, Biometrics Technology, Authentication.

Introduction

In this digital world, we have become computer slaves (Lao, 2005). While this makes life much easier, compromised security arises as an issue of high concern (Sukhai, 1998). Information overload continues to increase due to the expansion of applications that require authentication. For individuals, it is often difficult to remember the user names and PINs they rely on for authentication


purposes to their confidential data. Thus, many users select relatively easypasswords to remember (Coventry, 2003); this act is looked at as a securitytrade-off. Therefore, information security is in a serious need for more advanced techniques that ultimately aim at improving its performance. Biometrics, as an option, brings good solutions for most authentication problems(Bala, 2008) and (Rashed, 2010a). There are three types of authentication according to (Boatwright, 2007), (Coventry, 2003) and (Jones, 2007):1. Information related to something an individual knows; for example a PIN ora password.2. Information related to something an individual has (i.e., posses); for example a passport, a smart card, a key or a cell-phone (Herzberg, 2003).3. Information related to something that uniquely identifies an individual (i.e.,Biometrics); for example, fingerprints, signature, ear shape, odour, keystroke, voice, finger geometry, iris, retina, DNA, and hand geometry (Gleni,2004) and (Prashanth, 2009).Using a PIN, also referred to as a password, is the most widespread technique(Skaff, 2007). In spite of its ease of use, relying on PINs has a critical observedvulnerability. This vulnerability comes as a result of the difficulties associatedwith the individuals capability to memorize several passwords/PINs. In addition, user practices are very difficult to be policed (Rose, 1998). Therefore, relying on biometrics rises to be the best solution or practice for authentication.On the one hand, users can uniquely authenticate themselves without beingasked for PINs. On the other hand, users are not required to remember anypiece of information in the authentication process (Coventry, 2003). This inturn makes users more comfortable (Sukhai. 1998).Biometrics as an authentication tool may appropriately fit as an authentication tool in all sensitive organizations (Rashed, 2010b). However, user acceptance is a concern when it comes to adopting biometrics for authentication. 
Customer acceptance is highly critical, as new technologies are prone to rejection in unexpected ways. For example, the first mechanical cash dispenser was removed six months after its initial installation because it fell short of customer acceptance (Rashed, 2010c). As acceptance of technology is a milestone (Szajna, 1996), this study investigates and examines the intention to use biometrics as an authentication tool among young Arab people.

The rest of the paper is organized as follows. In section 2 we review the previous studies and address the problem statement. In section 3 we present our methodology and discussion. We conclude and present future work in section 4.


http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,


Literature Review

Many researchers have validated TAM using different tools with regard to a variety of cultures. Chen et al. (2009) studied the determinants of consumer acceptance of virtual stores. Their results indicated that their proposed theoretical model was able to explain and predict consumer acceptance of virtual stores substantially. They presented a theoretical model that could explain a large portion of the factors that lead to a user's behavioral intention to use, and actual use of, a virtual store. Their model could also supply virtual stores with a number of operative critical success factors to remain competitive in the volatile electronic marketplace.

Kripanont overviewed the literature concerning prominent theories and models of authentication and Information Technology (IT) acceptance. His thesis focused on internet usage behavior and behavioral intention. TAM was supposed to explain and predict user behavior, and might help practitioners to analyze the reasons for resistance to technology and to take efficient measures to improve user acceptance and usage of the technology.

Twati studied the cultural norms and beliefs within multi-national organizations in two regions. The first region covered Arab countries in North Africa (i.e., Libya). The second region covered Arab countries in the Persian Gulf (i.e., Kuwait, Oman, Saudi Arabia, and the United Arab Emirates). The results revealed that the two regions were not homogeneous. In addition, the study conveyed that age, gender, and education level are factors contributing to the success of Management Information Systems (MIS) adoption in both regions. Furthermore, the study showed differences in organizational cultures that have impacts upon MIS adoption in both regions. The Persian Gulf region was dominated by an adhocracy culture that values the adoption of MIS, whereas the North Africa region was dominated by the hierarchy culture type, which favors a centralized management style that negatively impacts MIS adoption. The Persian Gulf region did not show any significant effect of technology acceptance variables. However, in the North Africa region, technology acceptance played a vital role in MIS adoption.

Rose and Straub studied technology acceptance in five Arab cultures: three Asian countries, including Jordan, Saudi Arabia, and Lebanon; and two African countries, including Egypt and Sudan. They examined ease of use and perceptions of usefulness. Furthermore, they studied the role of the two factors in influencing actual usage, and of perceptions of usefulness in mediating the effect of perceptions of ease of use on actual usage. Their findings were consistent with the majority of TAM findings in the US.

Ramayah et al. examined the intention to use an online bill payment system among part-time MBA students at University Sciences Malaysia, Penang. They


developed and later modified the extended Technology Acceptance Model and Social Cognitive Theory to identify the factors that determine and influence the intention to use an online bill payment system. They found that perceived ease of use and perceived usefulness are significant drivers of the intention to use the online bill payment system. They also found that subjective norm, image and perceived ease of use were the key determinants of perceived usefulness, whereas perceived risk was found to be negatively related to usefulness. Moreover, they found that computer self-efficacy played a significant role in influencing the perceived ease of use of the online bill payment system.

Coventry et al. (2003) addressed consumer-driven usability and user acceptance of biometrics. They focused on finding out how the iris can be used with Automatic Teller Machine (ATM) user interfaces. Their findings showed that 90% of their study participants were satisfied with the iris verification method and would select it over signatures or PINs.

Rashed et al. (2010c and 2010d) examined the feasibility and future of odour authentication. They presented odour as a user authentication interface and discussed its usage, advantages, disadvantages and user acceptance. They applied and tested TAM on the Arab culture, and their findings were consistent with previous studies (Ramayah, 2005). They concluded that odour may be used in odour ATMs (OTMs), and they studied that in two different cultures.

Rashed et al. (2010a) studied the importance of applying biometrics in the financial sector to overcome user problems (e.g., recalling PINs and carrying cards) and to ensure information security. Their idea depends on using biometrics as an interface in ATMs. They presented their idea together with its challenges and suggested replacing ATM machines with OTM machines. They concluded that it has the capacity for user acceptance and called for more research in this field.

Using biometrics as an authentication tool may not be expected by users. Biometric technologies create the challenge of avoiding attacks before they take place (Rashed, 2010b). We think that the problem resides in how we could present biometrics in a form that overcomes worries about users' expectations.

Methodology and Discussion

Eighty-four questionnaires were distributed to the study participants, of which seventy-four completed printed questionnaires were collected; these constitute our sample. The main findings can be summarized as follows:


Table 1. Sample Profile

Variable          Category           Frequency   Percentage
Age               21-30              50          0.68
                  31-40              18          0.24
                  41-50              --          0.05
                  51-60              --          0.03
Specialization    IT                 22          0.30
                  Social Sc.         --          0.11
                  Engineering        16          0.22
                  Others             28          0.38
Education level   Student            --          0.01
                  Secondary School   --          0.11
                  BSc                49          0.66
                  College            10          0.14
                  MSc                --          0.07
                  Ph.D.              --          0.01
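The percentages in Table 1 are relative frequencies over the 74 collected questionnaires, rounded to two decimals (e.g., 50/74 is approximately 0.68 for the 21-30 age group). A one-line check of the rows whose frequencies survive in the source:

```python
def relative_frequency(count, total=74):
    """Share of the sample in a given category, rounded to two decimals as in Table 1."""
    return round(count / total, 2)

# Frequencies reported in Table 1: 21-30, 31-40, IT, Engineering, Others, BSc, College
shares = [relative_frequency(c) for c in (50, 18, 22, 16, 28, 49, 10)]
# shares == [0.68, 0.24, 0.3, 0.22, 0.38, 0.66, 0.14]
```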

Table 1 shows that the majority of the questionnaire respondents (68%) were within the age interval [21-30], which represents young people. From the same table we can see that 30% of the respondents were IT specialists. Moreover, the table shows that most of the respondents were B.Sc. holders.

19% of the questionnaire respondents did not like the idea of using biometrics in authentication, whereas 47% of them liked the idea and 23% were undecided. 69% found that biometrics as an authentication system would improve their efficiency and effectiveness, and 77% found it would enhance their productivity. The majority, representing 58% of the questionnaire respondents, found it easy to use biometrics as an authentication system. The majority, representing 54%, indicated that they would frequently use this type of authentication technique if it were available. Most of the respondents who intended to use this technique were young people. Table 2 shows that there is a strong relationship between age and intention to use: young people have a strong attitude toward accepting a new biometric interface.

38% of the respondents showed willingness to use biometrics as an authentication system, whereas 14% confirmed that they would not use it even if it were available. The largest group of respondents, representing 49%, did not decide (i.e., they were not certain).

Table 2. Statistical Analysis of the Study

              DF    SS         MS        F        Significance F
Regression    1     800.333    800.333   21.438   0.0436
Residual      2     74.667     37.333
Total         3     875

              Coefficients   Standard Error   t Stat    P-value   Lower 95%   Upper 95%
Intercept     55.467         4.939            11.231    0.0078    34.217      76.716
X Variable 1  -6.533         1.411            -4.630    0.0436    -12.605     -0.462

Figure 1, which illustrates our proposed model, shows that both perceived usefulness and perceived ease of use are significant drivers of the intention to use new technologies. Thus, both perceived effectiveness and performance, pillars of perceived usefulness, play an important role in the intention to use new technologies.
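The quantities reported in Table 2 (coefficients, standard errors, t statistics) come from a simple ordinary least squares fit. A minimal sketch of how such statistics are computed; the age-group codes and intention scores below are purely hypothetical illustrative data, not the study's actual responses:

```python
import numpy as np

def simple_ols(x, y):
    """Ordinary least squares fit y = a + b*x, returning (estimate, std error, t stat)
    for the intercept and the slope, as in a Table 2-style regression output."""
    x, y = np.asarray(x, float), np.asarray(y, float)
    n = len(x)
    b, a = np.polyfit(x, y, 1)                  # slope, intercept
    resid = y - (a + b * x)
    df = n - 2                                  # residual degrees of freedom
    mse = resid @ resid / df                    # residual mean square
    sxx = ((x - x.mean()) ** 2).sum()
    se_b = np.sqrt(mse / sxx)
    se_a = np.sqrt(mse * (1.0 / n + x.mean() ** 2 / sxx))
    return {"intercept": (a, se_a, a / se_a), "slope": (b, se_b, b / se_b)}

# Hypothetical aggregated data: mean intention-to-use score per age-group code (1..4)
stats_out = simple_ols([1, 2, 3, 4], [50, 41, 36, 30])
```

A negative, significant slope of this kind is what Table 2 reports for age: intention to use declines as the age group rises.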




Fig. 1. Applying TAM on Biometrics

Conclusions

We distributed a bilingual questionnaire to study the potential of accepting biometrics as an authentication tool. Respondents found it a good idea and indicated an intention to use it in the future should it become available. Our findings confirm previous results: perceived ease of use and perceived usefulness are significant drivers of the behavioral intention to use biometrics as an authentication tool. In addition, the study results revealed perceived usefulness to be the most crucial factor in the decision to adopt new technologies. According to this study, security remained a significant factor affecting user behavior. Moreover, we found a tight relationship between acceptance and age; young people showed more appetite for accepting a new biometric interface.

Presenting the underlying concept in an acceptable form would accelerate the acceptance and adoption of this tool. Adoption would, however, raise users' concerns about the security levels of this approach. Many users thought that hacking this approach would be easy, and thus it needs to be strengthened by another supplemental approach to enhance overall performance. In addition, biometric data can be stored in a smart card that carries a microprocessor and a micro biometric sensor. The micro-sensor can obtain the data from the user and directly communicate with machines to authenticate the card holder. The card should have storage space for the biometric data (i.e., an encrypted digitized format stored in the card).


References

Bala, D. (2008), Biometrics and Information Security, Proceedings of the 5th


Novel Usage of Gujarati Tithi in Weather Analysis of Surat, India

P. Chaudhari, COED, SVNIT, Surat, India
D. P. Rana, COED, SVNIT, Surat, India
N. J. Mistry, CED, SVNIT, Surat, India
M. M. Raghuwanshi, COED, RGCER, Nagpur, India

Abstract - The Vikram Samwat Gujarati calendar is a well-known and ancient calendar used by Gujaratis in India, which follows the time period of the successive return of the moon in conjunction or opposition to the sun in relation to the earth. Data mining techniques retrieve knowledge from data without any prior hypothesis. This research applies computer intelligence to analyze the association of one of the weather parameters, temperature, with this calendar using temporal association rule mining. The experimental results prove that special associations exist between weather parameters and this calendar, which can provide new insight to researchers in this area and do not require any extra expertise in weather.

Keywords- temporal association rule mining; weather prediction; Gujarati tithi

I. INTRODUCTION

The Gujarati Hindu calendar is an ancient calendar prepared mainly by considering the positions of the sun, moon and earth. This relative position is the main source of day and night and of the seasons on the earth [1]. To predict the temperature, weather forecasters use the history of weather parameters, the current status of various parameters received by satellites or instruments, and simulations of different complex models. Beyond these, whatever result is generated, they have to apply their expertise to provide the final prediction [2], [3], [4].

Data mining does not require any prior knowledge and provides techniques to discover interesting patterns from large amounts of data in databases, data warehouses, or other information repositories. It is an interdisciplinary field, mining knowledge from different areas such as statistics, machine learning, data visualization, information retrieval, high performance computing, neural networks, pattern recognition, spatial data analysis, image databases and signal processing, and from many application fields such as business, economics and bioinformatics [5], [6], [7]. These days it is also utilized in weather forecasting using temporal data. Temporal association rule mining is an area of data mining that discovers associations from time-stamped data. Association rule mining is nowadays used in the area of prediction [8].

Here, as mentioned earlier, owing to the importance of the Gujarati Hindu calendar, this research contributes an analysis of temporal association rule mining using tithis to derive novel associations of weather parameters with the tithis. Section 2 describes the Gujarati Hindu calendar, and section 3 reviews the association rule mining utilized in environmental forecasting. Section 4 proposes the framework to discover the association between temperature and tithis. Section 5 discusses the achieved results, followed by the conclusion and future scope.

II. GUJARATI CALENDAR TITHI

In India, the Gujarati Hindu (Vikram Samwat) calendar is the most ancient calendar and part of Gujaratis' life for identifying promising days and holy schedules. Beyond this, to deal with the global world, the English calendar, known as the Gregorian calendar, is followed [1]. The Gujarati Hindu calendar follows the time period of the successive return of the moon in conjunction or opposition to the sun in relation to the earth. This is the time period from new moon to new moon, or full moon to full moon, measured as the lunar month. So, in this calendar, months are as per the moon, and days are as per both the sun and the moon. Lunar days, or tithis, can have various lengths in hours; sometimes a tithi is absent, or two continuous days share the same tithi. This is because in the Gujarati calendar the days are calculated using the difference of the longitudinal angle between the positions of the sun and moon.

This Gujarati Hindu calendar, according to the lunar year, consists of 12 months. Two fortnights make up a lunar month, which begins with the new moon, called "amavasya". Each lunar month has 30 tithis of 20-27 hours. During the waxing/bright phases of the moon, a tithi is identified as "Shukla" or Sud, beginning with the full moon night called "purnima", also known as the auspicious fortnight. During the diminishing phases of the moon, a tithi is identified as "Krishna" or Vad, the dark phase, also known as the inauspicious fortnight [1]. Here in India there are in general three seasons: winter, summer and monsoon. According to this calendar, seasons are as per the sun's position.

This relative position of the sun, moon and earth motivates us to analyze their relation to the environmental weather. The next section illustrates the usage of data


mining techniques, mainly association rule mining, in the weather environment.

III. ASSOCIATION RULE MINING AND ITS ENVIRONMENTAL APPLICATION

Association rules are an important and fundamental data mining task. The objective is to find all co-occurrence relationships, called associations, among data. The task has attracted a great deal of attention and has been extensively studied by the database and data mining community [5]; many efficient algorithms, extensions and applications have been reported.

Most data analysis methods are based on classification or clustering algorithms, which categorize the data into a specific group or establish groups of correlated data, respectively. These algorithms are quite successful, but they have some limitations: a data record has to be grouped in one and only one group, and no relationship or association can be inferred between the different members of a group. Association rule mining overcomes such problems. It is an unsupervised data mining technique that discovers descriptive rules from very large datasets. The technique has many merits: any data item can be assigned to any number of rules as long as its expression fulfills the assignment criteria, without limitation; rules are oriented (if ... then ...) and thus to a certain extent describe the direction of a relationship; and, last but not least, by focusing on strong rules, the decision maker does not have to browse and study a huge number of redundant rules.

The strength of a rule is measured by the support and confidence thresholds [6], [7]. The support of a rule, X -> Y, is the percentage of transactions in T that contain X ∪ Y, and can be seen as an estimate of the probability Pr(X ∪ Y). Let n be the number of transactions in T; then the support of the rule is computed as follows:

Support = (X ∪ Y).count / n        (1)

The confidence of a rule, X -> Y, is the percentage of transactions in T that contain X which also contain Y. It can be seen as an estimate of the conditional probability Pr(Y | X). It is computed as follows:

Confidence = (X ∪ Y).count / X.count        (2)

For a given transaction set T, the objective of association rule mining is to discover all association rules in T that have support and confidence greater than or equal to the user-specified minimum support and minimum confidence. The application area of association rule mining is very broad, covering areas such as marketing and sales [5], documents/text, bioinformatics [6] and web servers [7].

Weather forecasters predict the weather mainly from simulations of numerical and statistical models, which require intensive computations, complex differential equations and computational algorithms, where the accuracy is bound by constraints such as the adoption of incomplete boundary conditions, model assumptions and numerical instabilities, etc. [9].

The variety of environmental applications and their data, being multi-disciplinary, multi-sensor, multi-spectral, multi-resolution, spatio-temporal and high-dimensional, provide a rich platform for the practice of data mining [2]. It is also helpful to the decision maker or non-computational person for environmental data, as follows:

- The author presented a method for prediction of daily rainfall from meteorological data, using the atmospheric parameters temperature, dew point, wind speed, visibility and precipitation (rainfall) of 1961-2010, and applied the basic Apriori algorithm of association rule mining to predict the rainfall [10].
- Association rule mining is used to identify rules that indicate the relations between atmospheric parameters such as day, time, year, temperature, pressure and humidity, and air pollutant data such as date, time, CH4, CO and CO2 [11].
- The author derived the close relationship between environmental factors and ecological events for the red tide phenomena that occurred during 1991 and 1992 in Dapeng Bay, South China Sea, using temporal association rules and K-means clustering analysis on the time, sea water temperature, salinity, dissolved oxygen, pH, etc. [12].
- The relationships between the trajectories of the Mesoscale Convective System (MCS), called a thunderstorm, and the environmental physical field values are analyzed using spatial association rule mining to predict heavy rainfall [13].
- To discover the weather for a specified region, patterns of similar regions' weather for British Columbia were analyzed using association rules with data such as temperature, precipitation and wind velocity [14].
- Due to the increasing number of earthquakes, tornados and tsunami waves, incremental mining of association rules is used to discover shocking patterns at the current time with respect to previously discovered patterns, rather than exhaustively discovering all patterns of the earthquakes [15].
- The author analyzed historic salinity-temperature data to make predictions about future variations in ocean salinity and temperature relations in the waters surrounding Taiwan, using inter-dimensional association rule mining with fuzzy inference and spatial-temporal relationships, where traditional statistical models fail to relate spatial and temporal information [16].
- The author tried to extract useful knowledge from daily historical weather data for the Gaza Strip by applying basic algorithms of clustering, classification and association rule mining, to establish their importance in the meteorological field, obtain useful predictions and support decision making for different sectors [17].


- The author analyzed the usage of association rules for discovering the relationships between stream flow and climatic variables in the Kizilirmak River Basin in Turkey [18].

As discussed above, a number of applications deal with association rules, which justifies the study of association rule mining for traditional and special applications dealing with environmental data. Here we discuss them with the Gujarati Hindu calendar which, to the best of the authors' knowledge, has not been utilized before and is therefore novel.

IV. PROPOSED APPROACH

The system is proposed to utilize temporal association rule mining to associate temperature with tithis, as shown in Figure 1. For the temporal association rule mining, inter-transactional association rule mining is used to mine associations across transactions instead of within transactions.

Figure 1. Proposed System

The main part of the system is the data preparation. In the first step, the weather data is collected, consisting of Temperature, Sea Level Pressure, Dew Point, Humidity, Wind Speed, Visibility and Precipitation. The author found from their analysis that prediction is more efficient if the data is prepared according to seasons instead of yearly [19]. So, in the data aggregation part, the data is separated and aggregated per the three seasons. Then discretization is applied to this data. After feature selection, only the selected features' data are kept for further processing. Tithi data are then included with the transaction data, and mega-transactions are prepared to discover associations not within a tithi but among the tithis. The next part separates the data into training and testing sets. Temporal association rule mining is applied to the training data using the Apriori algorithm, and a rules model is prepared to test the data for the tithi association with temperature.

V. EXPERIMENTAL ANALYSIS

We evaluated the temporal association rules generated from real databases. The data was collected from the weather website http://wunderground.com/history/station/42840 for the Surat, India station. We aimed to discover rules that demonstrate the association between temperature and tithi that can be used for prediction of temperature.

The data was collected for three years, from 16th Feb 2008 to 15th Feb 2011. For these days, tithi information was collected from http://melbourne-jainsangh.org/usefullinks/activity-tithi-calendar/. The seasonal information was separated and aggregated for the three years together, and mega-transaction information was prepared with the help of tithis. The system was tested with Support = 20% and Confidence = 20%. From the mega-transaction information, 70% was taken as training data and 30% was used for testing. The temporal association rules generated from the training data were applied to the testing data for next-day prediction, achieving 61% accuracy for the summer and monsoon seasons with the integration of tithis into the parameters. A sample of the generated temporal association rules is shown in Table 1.

The outcome of the temporal association rules for the summer season is as follows. Rule 0 says that in Sud tithis, the temperature stays in the low range. Rules 1 and 2 say that in Vad tithis, temperature above the average stays in the same temperature range. Rule 3 says that if a Sud tithi changes to a Vad tithi, the temperature increases; however, if the wind speed increases, there is no change in temperature. Rule 4 says that when a Vad tithi changes to a Sud tithi, the temperature decreases.
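The mining step described above (transactions mined against minimum support and confidence thresholds of 20%, per equations (1) and (2)) can be sketched as follows. This is a simplified brute-force illustration, not the authors' implementation: a real run would use the Apriori algorithm over the full mega-transactions, and the tithi/temperature item names here are hypothetical.

```python
from itertools import combinations

def mine_rules(transactions, min_support=0.2, min_confidence=0.2):
    """Association rules X -> Y whose support and confidence meet the thresholds
    (brute force over itemsets of size <= 2; Apriori prunes this search at scale)."""
    n = len(transactions)
    items = sorted({i for t in transactions for i in t})
    counts = {}
    for size in (1, 2):
        for combo in combinations(items, size):
            c = sum(1 for t in transactions if set(combo) <= t)
            if c / n >= min_support:                 # frequent itemset, eq. (1)
                counts[frozenset(combo)] = c
    rules = []
    for itemset, c in counts.items():
        if len(itemset) == 2:
            for antecedent in itemset:
                X = frozenset([antecedent])
                if X in counts and c / counts[X] >= min_confidence:  # eq. (2)
                    rules.append((set(X), set(itemset - X), c / n, c / counts[X]))
    return rules

# Hypothetical discretized day records: tithi phase plus a temperature-range item
days = [
    {"Sud", "TempLow"}, {"Sud", "TempLow"}, {"Sud", "TempAvg"},
    {"Vad", "TempHigh"}, {"Vad", "TempHigh"},
]
rules = mine_rules(days)  # includes ({'Vad'}, {'TempHigh'}) with support 0.4, confidence 1.0
```

Rules of the "Vad -> TempHigh" form are the shape of the summer-season rules listed above; the real system additionally spans consecutive days (inter-transactional mining) to capture tithi-change rules such as Rule 3 and Rule 4.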


Accordingly, a number of other rules are generated and can further help in the analysis of the weather.

VI. CONCLUSION

The integration of tithi with weather parameters can provide fruitful information to forecast the weather parameter temperature. The system is uncomplicated compared to other complex weather forecasting systems. Experimental results show that this rules model can generate results automatically, requiring neither extra proficiency in the weather forecasting area nor complex models. In the future we would like to examine the feasibility of this integration of tithi with the other seasons and with other data mining techniques together.

ACKNOWLEDGMENTS

This research work is carried out under the research project grant for SVNIT Assistant Professors bearing circular number Dean(R&C)/1503/2013-14. The institute, SVNIT, is hereby acknowledged.

REFERENCES
[1]
[2]

AUTHORS PROFILE

D. P. Rana is Assistant Professor at the Computer Engineering Department, S. V. National Institute of Technology, Surat, Gujarat, India, and is currently pursuing her PhD degree. Her research interest is in the field of security in web applications, computer architecture, database management systems, data mining and web data mining. She is a life member of ISTE and CSI.

P. Chaudhari has completed her M. Tech. in Computer Engineering at S. V. National Institute of Technology, Surat, Gujarat-395007, India.

N. J. Mistry is Professor at the Civil Engineering Department, S. V. National Institute of Technology, Surat, Gujarat-395007, India. He is a member of CES.

M. M. Raghuwanshi is working as Principal at Rajiv Gandhi College of Engineering and Research, Nagpur, India. He completed his PhD in Computer Science in 2007 at VNIT, Nagpur, India. He is a member of IEEE, ISTE and CSI.


Dept. of Computer Science & Engineering

Dr.M.M.RaghuwanshiDept. of Computer Science & EngineeringRajiv Gandhi College of Engineering&Research, Wanadongri. Nagpur, Indiaraghuwanshimm@gmail.comtakes a path of conversion of both the inputs to a similarplatform say black and white and then performing featurematching algorithms like PCA Algorithm. The execution ofthis algorithm is performed on the database and the test imageon which conversion is to be performed, automatically withoutproviding separate compatible image to perform matchingmultiple times with different image inputs. Module three leadsto extracting desired features of input sketch and matchingthem with image equivalents from the database registering allthe components together forming an output. Concludingmodule performs image smoothening algorithm for giving afinishing to the output obtained.

Abstract A liberal amount of software applications are

in market for generating a sketch out of an image, the viceversa though is unacquainted. Whereas such animplementation will prove to be purposive to the crimeinvestigation departments. Such a youthful approach forgenerating an image from a sketch is suggested in thispaper by following a process of, breaking down the sketchinto constituent or component of face, matching orcomparing these features with the available database,selecting the best match followed by registering or pastingthese image components on a blank face image,performing filtering algorithm in order to performsmoothening of image.

II.

Index TermsFeature detection, feature extraction, facial

components, filtering algorithms, fiducial points,smoothening image.

I.

LITERATURE SURVEY

A detailed approach on various techniques of merging images

is presented. The reference [1] provides various unswervingmethods for achieving the objective are introduced along withtheir result giving capacities. On the basis of which analysisreport is also deployed in the given paper. The authors arefocusing on a smoothly finished image that is obtained bymerging few other images.

INTRODUCTION

A liberal amount of softwares and applications are available

to convert a image to a sketch and are well known the viceversa tough is not yet induced, that is there exists nomethodology that would support the conversion of a sketch toan image.The paper presents a layout for a similar idea, foregoing onwhich this plan is distributed into four parts Detection andExtraction of features, Matching of features, Registeringfeatures to form image, Smoothening and finish to form animage. Using the developed technique for Detection andExtraction of features, using the data obtained from the sameperforming matching of features. The input will consist ofmatched features which will be pasted on the face mask so asto obtain the desired output image.Detecting features is the objective of the first modulewhere facial features are detected and extracted, a database ofwhich is generated for further use. The second moduledemands a facility of being able to compare two inputs whichare a sketch and its feature on a variant platform the approach

The basics of recognizing the similarities between two faces

are denoted in reference [2]; the approach used is based onfacial expressions that are beneficial to our project from thepoint that we consider the facial features. The expressionsused as a distinguishing point in this paper are the similaraspect we intend to use in our project. Thus the identificationof features is taken in consideration and thoroughly observedfrom this paper.Pattern recognition and face recognition is the main objectivein reference [3] , which not only introduce variantmethodology for recognizing a face and producing result inform of acceptance and rejection but also gives a determinedpercentage of the face match. No limiting is done for

38

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

then by replacing the image equivalent of the feature on the

displaying the percentage thus every input is considered as a

valid input and thus a valid output.The CMU pose and illumination is a base of the 3D imagingwhere the expressions are identified and compared using athree dimensional aspect which did not prove to be much ofuse with respect to our project point of view but theidentification methodologies used can be replicate by simplyavoiding the three dimensional part. Reference [4] introducescomparison method that produces highly dependable resultsand thus can be useful.Feature identification and recognition methodologies with animprovisation that it also presents the identification of thesefacial expressions or features or faces in first place even indisguise. Reference [5] enlightens any temperament to theoriginal face image can be identified separately andconsidered and avoided according to the input and therecognition is done.In order to imply a combination of nonlinear diffusion andbilateral filtering refining image and edge detection techniqueis proposed. Citation of two well established methodologies inimage processing community is done in order to get a base tothe model, which makes understanding and implementing themethod very easy. Execution of numerical experimentsexhibits that the proposed model can achieve more accuratereconstructions from noisy images, in comparison to otherpopular nonlinear diffusion models in the literature. Reference[6] briefs a diffusion stopping criterion, established from thesecond derivative of the correlation between the noisy imageand the filtered image which can be introduced as new andsimple. Prevention of the diffusion process is done by thisindirect measure that depicts a close to the point of maximumcorrelation between the noise-free image and the reconstructedimage, when the former is removed. The stopping criterion issufficiently general to be applied with most nonlineardiffusion methods normally used for image noise removal .

Fig. I - Architecture of proposed method

A. Method of Data Collection

A standard image database and its equivalent sketch database are collected from an authenticated collection. The database consists of more than fifty sketches and their equivalent images. The sketches will be the test inputs; all of these sketches need to be of a specific, precise size.

A literature survey of face matching and feature matching methodologies is done in this paper. All present techniques for these tasks are studied, and a detailed analysis of them is presented in reference [7]. The analysis is based on studying all these techniques on similar databases and inputs, such that the obtained outputs can be visually judged as similar or not, and to what extent.

B. Preprocessing

The database collected from authenticated database collections is processed to obtain a database of face components (facial features) in image format only, as the processing of the sketch is done during execution of the code. A separate collection of these features is stored and retained for use during code execution. The feature databases consist of the following: Eye database, Nose database, Mouth database, and Blank Face database.

III. PROPOSED WORK

A simplified methodology is proposed that converts a sketch into an image with an approach that retains the originality of all the features. The basic approach is to identify the prominent features of a face and then search for an appropriate image equivalent of each.


http://sites.google.com/site/ijcsis/ (ISSN 1947-5500)

(IJCSIS) International Journal of Computer Science and Information Security,

Feature Detection and Extraction

When an input is passed to the method, the primary task is to use feature detection methodologies to detect the prominent facial features. In order to generate patterns from time series data for classification purposes, several feature extraction methods have been introduced. The well-known kurtosis method provides a statistical measure of the amplitude distribution of the time series. Another method constructs a feature vector from the spectrum, where the power spectral density and the wavelet coefficients are used along with PCA for feature extraction.
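As a concrete illustration of the kurtosis feature mentioned above, here is the generic definition (the fourth standardized moment), not tied to any particular toolbox:

```python
import numpy as np

def kurtosis(x):
    """Sample kurtosis: the fourth standardized moment of a series,
    a simple statistical feature of its amplitude distribution."""
    x = np.asarray(x, dtype=float)
    m = x.mean()
    s2 = ((x - m) ** 2).mean()          # biased sample variance
    return ((x - m) ** 4).mean() / s2 ** 2
```

A Gaussian series gives a value near 3; flatter distributions give lower values, which is what makes it usable as a discriminating feature.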

Fig. III - Feature extraction method.

E. Feature matching

Principal component analysis is applied to each image by the Eigen Object Recognizer class; the result is an array of eigenvalues which can be recognized by a trained neural network. PCA is a frequently used method of object recognition, as its results can be fairly accurate and resilient to noise.

Fig. IV - Feature matching method

The way PCA is applied can vary at different stages, so what is demonstrated here is a clear method for PCA application that can be followed. It is up to individuals to experiment in finding the best method for producing accurate results from PCA. To perform PCA, several steps are undertaken:
 Set the extracted feature as the test image.
 Consider the train database of the particular feature.
 Perform PCA and detect the output.
 Display the output.
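The four steps above can be sketched as follows. This is a hypothetical numpy illustration, not the paper's implementation (which uses the Eigen Object Recognizer class): a test feature is matched against a train database by nearest neighbour in PCA space.

```python
import numpy as np

def pca_match(train, test, n_comp=5):
    """Project a test feature vector onto the principal components of a
    train database and return the index of the closest train sample."""
    train = np.asarray(train, dtype=float)   # (n_samples, n_pixels)
    mean = train.mean(axis=0)
    centered = train - mean
    # principal axes via SVD: rows of vt are the eigenvectors
    _, _, vt = np.linalg.svd(centered, full_matrices=False)
    basis = vt[:n_comp]
    train_proj = centered @ basis.T          # train set in PCA space
    test_proj = (np.asarray(test, dtype=float) - mean) @ basis.T
    dists = np.linalg.norm(train_proj - test_proj, axis=1)
    return int(np.argmin(dists))             # detected output index
```

Displaying the output then amounts to looking up the database image at the returned index.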

Fig. II - Feature detection method

For extracting the phase information, the Hilbert transform requires conversion of the real-valued signal into a complex-valued analytic signal. In SDF-based feature extraction, time series data is first converted into symbol sequences, and then probabilistic finite-state automata are constructed from these symbol sequences to compress the pertinent information into low-dimensional statistical patterns. SDF-based feature extraction from (wavelet-transformed) time series has been proposed by Jin et al. (2012) for target detection and classification in border regions. The time-frequency localization and denoising of the underlying sensor time series is the rationale for using wavelet-based methods. However, this method requires selection and tuning of several parameters (e.g., wavelet basis function and scales) for signal pre-processing, in addition to the size of the symbol alphabet that is needed for SDF. A cascade object detector is used in order to detect and extract the features.
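The analytic-signal construction mentioned above can be sketched with a plain FFT; this is the standard textbook construction, not code from the paper:

```python
import numpy as np

def analytic_signal(x):
    """Analytic signal of a real series: zero the negative frequencies
    and double the positive ones. The imaginary part is the Hilbert
    transform; the angle of the result is the instantaneous phase."""
    x = np.asarray(x, dtype=float)
    n = x.size
    spectrum = np.fft.fft(x)
    weights = np.zeros(n)
    weights[0] = 1.0                    # keep the DC bin once
    if n % 2 == 0:
        weights[n // 2] = 1.0           # keep the Nyquist bin once
        weights[1:n // 2] = 2.0
    else:
        weights[1:(n + 1) // 2] = 2.0
    return np.fft.ifft(spectrum * weights)
```

For a pure cosine the analytic signal is the complex exponential, so its angle recovers the phase directly.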

F. Registering Features and Smoothening Image

The previous mode of feature matching provides several image outputs, viz. eyes, nose, mouth, and blank face. The objective now switches to registering all these components together with proper dimensions at proper locations. In order to detect the exact location of every feature, their original landmarks are revised from the input sketch; this simplifies the task of dimensional repositioning of the features. Facial points are detected to register the location of every component specifically at its precise dimensions.


Vol. 13, No. 6, June 2015

Fig. VII - Final outcome of image formation.

IV. ACKNOWLEDGMENT

This paper proposes a distinct technique for creating an image output from a sketch input. The paper successfully presents an approach used to develop this novel technique and to produce a satisfying output.

Fig. V - Approach for detecting location of components.

The outcome of all this is a patched form of image which has all the image components in their appropriate locations, but the facial appearance of the image may not be as pleasant as expected. Resizing the components and realigning them is thus a necessity, for which certain filtering and smoothening algorithms are applied.

V. REFERENCES

[1]

[2]

[3]

[4]

[5]

Fig. VI - Approach for registering of features

[6]

The output is finalized by performing gradient smoothening on the image, and image blending algorithms are executed to obtain a perfect outcome. The output is a visually pleasant image, as shown below.

SAFETY IN WEB DEVELOPMENT

Geraldo Cesar Cantelli


Abstract—The present work shows in its introduction the importance of information security in the current environment of digital culture, especially after the events of September 11, 2001 in the United States. The subject involves not only information technology companies; this concern can be verified in the daily life of companies in general and therefore in specific government laws. It can be verified in the building of distributed systems (including operating and management systems), in the network infrastructure of companies and organizations, and in web sites. This study analyzes the mechanism of Internet page servers, because many attacks exploit their vulnerabilities. Programming of web sites (mainly dynamic content) can also be used to circumvent security and enable illegal access. Programmers should note some important features to avoid the predatory action of invaders, because no one can build web sites without taking into account the hosting and the creation of source code intended to reduce the vulnerability of the system to an acceptable minimum. Finally, the work comments on the ten most common types of vulnerabilities to be observed when making web sites according to OWASP (The Open Web Application Security Project), which aims to create awareness about security in programming sites.

Keywords: security, information, network infrastructure, distributed systems.




Thus, the address of the requested page will initially be http://localhost:8080/index.html. The explanation for this URL is as follows: http is the Internet protocol with which the WWW (World Wide Web) service works. The term "localhost" indicates that the server is local, thus exempting an external connection. The communication port used for this purpose is 8080, which is given immediately after localhost and separated from it by ":" (colon). The use of this same port is common for Web applications (e.g. Apache Tomcat, which is a container for Java Web applications).

This example shows that the web server will only process GET-type requests. When the address of a page is entered directly into a browser, it starts searching for the IP address through page servers (by the DNS table - Domain Name Service). When the server that responds and hosts the page is found, the browser sends a GET-type request and informs the file name (which can be static - .html - or dynamic - .php, .asp or .jsp, for example). Given the software presented here, other requests are not considered, since the focus of this paper is the safe development of Internet pages. One of the security measures is to prevent a user from trying to execute malicious code within the hosted site. This type of threat is carried out by entering the beginning of the URL address followed by a parameter that points to another page (with the malicious code).
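The GET handling described above can be sketched as a tiny request-line parser. This is a hypothetical helper for illustration, not the Annex I server code:

```python
def parse_request_line(line):
    """Split an HTTP request line such as 'GET /index.html HTTP/1.0'
    into (method, path, version); a bare '/' falls back to index.html,
    as the server described here does."""
    method, path, version = line.strip().split(" ")
    if path == "/":
        path = "/index.html"
    return method, path, version
```

A server loop would read this line from the client socket, reject any method other than GET, and then try to open the named file.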


I. INTRODUCTION

Acquainted with the need to maintain the confidentiality, availability and integrity of the information processed on the websites of their clients, network professionals (obviously including those working with the Internet) need to get acquainted with the functioning of the requests and responses exchanged between client software (browsers) and Web servers.

For example: http://www.meusite.com.br?pag=www.invadir.jsp.


This happens when the site above uses parameters to call internal pages which will fill frames or divs; instead of calling a file from the appropriate server that hosts the URL, it ends up pointing to another page on another server (which belongs to the hacker). Thus, a security breach occurs.

The code of this Web Server is written in the Java language, initially developed by Sun Microsystems, which was acquired by Oracle. The source code of this server (Daswani; Kern; Kesavan, 2007) [1] is in Annex I.

On lines 56-57 of the present server code, a try block (try {...} catch (...) {...}) is created, attempting to read the requested file (FileReader(pathname)); if an exception occurs, it is handled in the catch block, which sends to the client browser the following message: "HTTP/1.0 404 Not Found\n\n". This will display error 404, meaning that the page was not found

The methodology of this paper is to compile and run this local server and access it through a browser program (e.g. Microsoft Internet Explorer), which requests HTML pages, receiving and displaying them as if they were connected to the Internet or to an Intranet, inasmuch as the computer holding this process has no link with another computer.


procedures stored directly in the database using the DBMS's own language (Database Management System); their advantages are greater working speed (as they are already compiled functions in the internal language) and safety, since they cannot be performed by just any user.

because the server searched the site and the file is not there physically. The Java exception concerned is FileNotFound. However, others might occur; for example, it might not be possible to read the file. To cover all these and other cases, the catch command (Exception e) names "Exception", which is the superclass, mother of all exceptions, thus accepting to treat any of them and not only FileNotFound. If the developer wanted to specify to the final user what the problem was, he could test for every problem, but generally in the web environment the default message the browser expects is displayed.
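The try/catch behaviour described above can be mirrored in a short sketch; Python here rather than the paper's Java, with the broad except playing the role of catching the Exception superclass:

```python
def serve(pathname):
    """Return (status_line, body) for a requested file. Any failure,
    not only a missing file, yields the generic 404 response, so
    internal error details are never exposed to the client."""
    try:
        with open(pathname, "r") as f:
            return "HTTP/1.0 200 OK\n\n", f.read()
    except Exception:
        return "HTTP/1.0 404 Not Found\n\n", ""
```

The deliberate coarseness of the handler is the point: the browser's default error page is shown instead of the server's internal state.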

Developers should not use the "root" account and password for page services, especially on the Web. Unfortunately, many do not follow this caution and, when the software is ready, do not change the database user settings to an appropriate account with limited rights.

In applications that are not divided into layers, there may exist SQL commands (Structured Query Language) that, although not shown in the ".html" code returned by the server to the client browser, pose a danger if they fall into the hands of hackers who enter the server and gain access to the .php page, for example.

In addition, little good would be done (and it would even be dangerous for security) to show the internal server error structure to the Internet user. It can also be observed in this code that if the final user just types http://www.meusite.com.br in the address bar, the server notices that no specific page was requested and shows index.html.

To understand the information flow in navigation, it is necessary to explain that everything begins with the page request by the final user; when the server is found, it returns a page to the requester, and if there is dynamic code (a program), it is executed. As an example, take the checking of grades and absences by a particular student (web system user) on a college website: when the registration number and password are entered, the Web server sends them to the database server concerned, which performs the query and returns only the resulting data to the Web server (e.g. Apache); this in turn assembles a page formatting these data and returns it to the final user (student), delivering it to his browser program (on its IP and proper communication port).

Another vulnerability the server cannot allow is the user typing "../../../../etc/shadow" instead of an inside page, generating the browser GET request ../../../../etc/shadow HTTP/1.0, which would show the passwords file of the machine hosting the site, if it follows the Linux or Unix standard. A caution that can be exerted is not allowing users to read the shadow file.
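A guard against this traversal can be sketched as follows; a generic illustration, not the Annex I code, and the function name is hypothetical:

```python
import os

def safe_path(doc_root, requested):
    """Normalize the requested path and refuse anything that escapes
    the document root, e.g. '../../../../etc/shadow'."""
    root = os.path.normpath(doc_root)
    full = os.path.normpath(os.path.join(root, requested.lstrip("/")))
    if full != root and not full.startswith(root + os.sep):
        raise ValueError("path escapes document root")
    return full
```

Normalizing before checking is essential: the "../" segments only disappear after normpath, so a naive prefix test on the raw string would pass the attack through.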

II. THE DEVELOPMENT ENVIRONMENT PROGRAMMING

From the programmer's standpoint, there are precautions to be taken and frameworks to be implemented to minimize the threats to the system. In this chapter, concepts of the programming environment will be presented, then the MVC design pattern (with its importance explained) and, finally, the PHP language will receive attention.

The separation of layers is important so that each one addresses its specific functions. The View does not need to know which SQL statement was executed in the database, and the Model must provide the requested data without any authority over presenting and formatting it.

Programmers have contributed greatly to design patterns, having realized that certain programming solutions would be interesting for other developers, leading to greater flexibility, organization and code efficiency. These patterns can be used in more than one programming language and have become basic requirements in large development companies, including those dedicated to the Web and to Information Security.

With the flow of information in a Web request understood, it is possible to explain what the View layer is: the user data presentation layer. The separation of layers is important so that each one takes care of its specific functions. The visualization does not need to know which SQL command was executed in the database, and the Model must provide the requested data, presentation and formatting not being its competence.

The full name of the MVC pattern is Model-View-Controller, and each of these words is a development layer: respectively Model, Visualization (View) and Control (Controller).

This matters not only for safety reasons but also to make code more readable and able to be developed separately; in a company there may be a page design sector independent of the programming sector (PHP, Java, .Net). Thus employees can become more efficient, their processes being more specific (each one in their own area).

"MVC is a development concept (paradigm) and design that tries to separate an application into three distinct parts. On one hand there is the Model, which is related to the current job that the application manages; on the other hand there is the View, which is related to displaying data or information of this application; and there is a third part, the Controller, which coordinates the two previous parts, displaying the correct interface or performing some work that the application needs to complete." (Gonçalves, Edson - 2007) [2]
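The three parts of the quoted definition can be sketched in a few lines; an illustrative Python toy echoing the grades example used in this paper, with all class and method names invented for the sketch:

```python
class Model:
    """Data layer: owns the records, knows nothing about display."""
    def __init__(self):
        self._grades = {"2025001": [8.5, 7.0]}
    def grades_for(self, student_id):
        return self._grades.get(student_id, [])

class View:
    """Presentation layer: formats data, knows nothing about storage."""
    def render(self, grades):
        return "Grades: " + ", ".join(f"{g:.1f}" for g in grades)

class Controller:
    """Coordination layer: receives the request, queries the Model,
    hands the result to the View."""
    def __init__(self, model, view):
        self.model, self.view = model, view
    def handle(self, student_id):
        return self.view.render(self.model.grades_for(student_id))
```

Swapping the storage (Model) or the page layout (View) then requires no change to the other layer, which is the flexibility the pattern is adopted for.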

To control the information procedures between the Model and the Visualization there is the Controller layer (Control); the user's request made through the web site (visualized by the customer) needs to communicate with, change or query the database (Model), and the Control determines how this will be done and how the information will be addressed before and after the database is contacted ("before" to check security and business

The Model (model layer) represents the application data (database) with its tables (relational model) and its definitions, such as stored procedures, for example. Those latter ones are


rules, for example, and "after" to send the information to the final user in an appropriate format in the Visualization).

A6: Security Misconfiguration
A7: Insecure Cryptographic Storage
A8: Failure to Restrict URL Access

As stated earlier, this solution can be implemented in the PHP language, a combination used by developers seeking, among other advantages, the beneficial characteristics of the Object Oriented Programming paradigm.

This language can be worked in the Structured paradigm as well as in the Object Oriented one. The characteristics of the latter are: encapsulation, inheritance, polymorphism, composition and the use of so-called "interfaces."

Within these ten, the "closed padlock" is the A9 item. There are nine other large groups of vulnerabilities to which a site may be subject. Nowadays, there are standards and best practices for building web sites with the intention of making them resistant to the vulnerabilities and threats that plague applications of this nature.

According to Niederauer, Juliano (2005) [3]: "PHP is a language dedicated to the Web, so there must be a Web server which receives the page requests and does the processing through PHP, returning a result to the browser."

This project (OWASP - Top 10) [4] aims to create awareness about safety in applications by identifying some of the most critical risks that haunt organizations.

When using Apache or MySQL (combined with PHP), both require configurations made on the server through text lines in each of their configuration files. When an Internet provider is hired for hosting services, the programming language must be specified, as well as the page server program and the database used in the preparation of the site in question.


Attackers can potentially use different routes through an application to damage the business of an organization. Each of these routes is a risk that may or may not be sufficiently serious to receive attention.

III. VULNERABILITIES TO BE OBSERVED ON PREPARING "SITES"

The following question is plausible for this paper: what is a secure site? A large proportion of people would answer that it is a site where there is no risk of losing money. In other words, if it is a shopping site, one which really sends exactly the product asked for; if it is a bank via Internet, one where no one can perform operations in the account or cause injury. Others, more informed, would say that those are sites with a padlock at the bottom of the browser; but the lock is one way, not the only way, to security.

The padlock shown in the browser means that the communication channel between the browser and the site is secure against interception. An intermediary can even tap the line, but since the data is transmitted in code, he cannot understand it. By tapping the line, an attacker cannot get to know the account number, or the password, or which exact pages are being visited. One should choose sites on which the lock is shown and avoid sites where it does not appear, especially in the case of financial transactions and shopping sites. It may seem enough, but there are several other threats and vulnerabilities which could be used as means of compromising the security of a web site in many different aspects. The OWASP project (The Open Web Application Security Project) describes what are considered the ten most common types of technical vulnerabilities in web systems:

A1: Injection
A2: Cross-Site Scripting (XSS)
A3: Broken Authentication and Session Management
A4: Insecure Direct Object References
A5: Cross-Site Request Forgery (CSRF)


Figure 1 - Attacks on Web Applications.

The same is true when a password is requested, since the malicious code described herein can work with a SQL command whose where clause has more parameters, such as: "Select * from customers where username = '$user_name' and password = '$password'".

Source: https://www.owasp.org/index.php/Top_10_2010Main, viewed on 05/08/2015.

This paper will explain and exemplify solutions in the PHP language for the first two vulnerabilities, including source code display and interpretation for the reader.

Another danger is the hacker deleting the table records, if he types: "'; DELETE FROM customers WHERE 1 or username ='". As shown in this example, the "where" clause would also return "true" for all records, erasing them through the delete command.
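The bypass above and the parameterized fix can be reproduced with an in-memory database. This is a Python/sqlite3 sketch of the same idea, not the paper's PHP or Java; the table contents are illustrative:

```python
import sqlite3

conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE customers (username TEXT, password TEXT)")
conn.execute("INSERT INTO customers VALUES ('alice', 's3cret')")

def login_unsafe(user):
    # string interpolation: "' or '1'='1" makes the where clause
    # always true and returns every row
    q = f"SELECT * FROM customers WHERE username = '{user}'"
    return conn.execute(q).fetchall()

def login_safe(user):
    # placeholder: the driver treats the input strictly as data
    q = "SELECT * FROM customers WHERE username = ?"
    return conn.execute(q, (user,)).fetchall()
```

With the hostile input, the interpolated query matches all records while the parameterized one matches none, which is exactly the difference the PreparedStatement recommendation relies on.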

A1 - INJECTION

Injection flaws occur when untrusted data is sent to an interpreter as part of a command or query. The attacker's hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.

The solution differs between Java and PHP. In Java, it is recommended to use a PreparedStatement object with a question mark in the SQL command in place of the data:

When the site requests an ID from the user, he can enter malicious code to gain unauthorized access to sensitive information. The source code can be written, for example:

"Select * from customers where username = ? and password = ?"

$query = "SELECT * FROM customers WHERE username = '$user_name'";

and then set each question-mark item separately (objeto.setString(1, name) and objeto.setString(2, password)).

In this example (in PHP), the information in the table "customers" will be selected for a particular user who, at a previous moment in the application, must have informed the correct password and thus obtained access to the system.

In PHP, it is necessary to create a function that eliminates this possibility, either by removing SQL commands like "from, alter table, select, insert, delete, update, where, drop table, show tables", or by turning them into a string (text type) that cannot be executed. With this transformation, the commands are recorded in the database as plain text (in the columns name and password).

However, for an attacker, even without the correct password, it is possible to exploit a weak point that less experienced programmers leave in the system: entering part of a SQL code to defraud security. Instead of typing a name, the hacker types "' or 1'".

Opening and closing quotation marks with nothing inside, the code does not inform the user name as expected. The next step is to make the site in PHP run "or 1". In the truth table, when an expression has two logical operands connected by "or", it is sufficient that one of them is true for the entire expression to become true, returning "true".

Then, when the SQL "Select * from customers where..." gets true in the where clause, it returns the data of the referred table to the attacker.

That function is described in the following lines of source code:

<?php
function anti_injection($field, $adicionaBarras = false)
{
    // remove words that contain sql syntax
    $field = preg_replace(
        "/(from|alter table|select|insert|delete|update|where|drop table|show tables|#|\*|-|\\\\)/i",
        "", $field);
    $field = strip_tags($field);      // strip html and php tags
    if ($adicionaBarras || !get_magic_quotes_gpc())
        $field = addslashes($field);  // add slashes to the string
    return $field;
}
?>

For this example, if the URL entered does not bring a parameter with an existing file name on the Fatec server, it will assume the value index.php, thus showing the home page of the site.

In case the page is found on the server, then it will be

XSS failures occur each time an application takes untrusted data and sends it to the web browser without validation and proper encoding. XSS allows attackers to execute a command sequence in the victim's browser, which can hijack user sessions, deface web sites or direct the user to a malicious site, for example (fictitious): http://www.meusite.com?page=http:///www.sitehacker.com.
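The standard defence against this is to encode untrusted data before writing it into the page; a minimal Python sketch using the standard library (the function name is illustrative):

```python
import html

def render_comment(user_input):
    """Escape untrusted data before embedding it in an HTML page, so
    injected markup is displayed as text rather than executed."""
    return "<p>" + html.escape(user_input) + "</p>"
```

An injected script tag arrives at the browser as inert entities instead of executable markup, which closes the session-hijacking route described above.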

CONCLUDING REMARKS

Through the research for preparing this work and from personal experience in developing Web sites, it is possible to conclude that it is very important to take proper precautions and use the tools efficiently to create and maintain a secure environment in computer networks. It can be seen that attacks might come from the World Wide Web or even from the company's Intranet. The network environment enables collaboration and significant results and is currently indispensable to production and business, for example for industries and service providers.

At this point there was an internal parameter of the site called page, whose content (which should show a page of the MySite domain) was counterfeited to show the hacker's site. Once accessed, the malicious site can execute commands directly on the server hosting the site being "attacked."

Defense tools might be free or proprietary software, and less experienced developers are at high risk if they do not know them.

The solution is to check each parameter as it is requested (in the page address, appearing after the question mark and separated by "&") to identify, before running, whether it is reliable.
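One reliable form of this check is an allowlist: only parameter values named in advance are served, and anything else falls back to the home page. A sketch under the assumption of a hypothetical page set (the names are invented):

```python
# hypothetical set of pages this site is allowed to include
ALLOWED_PAGES = {"index.php", "about.php", "contact.php"}

def resolve_page(param):
    """Allowlist check for a ?page= parameter: any value not explicitly
    permitted falls back to the home page instead of being included."""
    return param if param in ALLOWED_PAGES else "index.php"
```

Because the check is by membership rather than by pattern, a URL pointing at an external hacker site can never be selected, no matter how it is encoded.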

Their education must be extensive, since caring for safety ranges from the configuration of page servers and database servers, through the choice of programming languages with better resources and fewer vulnerabilities, to the workplace itself (with appropriate practices which will avoid, for example, Social Engineering attacks).

On the website of Fatec Ourinhos (http://www.fatecou.edu.br) this precaution was taken with the following code:

<?php

In conclusion, it is essential to point out that, after making these choices, it is necessary to improve programming techniques, seeking to avoid breaches in the source code of the pages which constitute websites, especially those of vital importance in the dynamics of the operation of enterprises, whether internal or in competition and/or collaboration with others in a globalized environment.

39. /* read the HTTP request from the client */
40. String request = br.readLine();
76. /* try to open file specified by pathname */
78. fr = new FileReader(pathname);
80. }
81. catch (Exception e) {
82. /* if the file is not found, return the

[4] The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

Computation and Communication Science & Engineering


information systems (IS) and offer a complete solution that will benefit all interested parties. To achieve this, the issues of eHealth standards, systems interoperability and collaboration between different eHealth stakeholders must be given serious consideration, taking into account that, to achieve systems interoperability, agreement on the data standards to be used must be reached. This results in efficient collaboration among different eHealth stakeholders in accomplishing a number of goals, like the improvement of the quality of patient care and the reduction of medical errors, and therefore savings in terms of both human and financial costs [5]. A recent study by Lawrence explains the issues, challenges and opportunities towards EHR interoperability in Tanzanian hospitals; the main concerns were privacy, security and confidentiality issues when considering information sharing and data sharing [12]. Hence it was important to know how far we are in eHealth standards adoption, systems interoperability and collaboration among eHealth stakeholders in our health sector.

Abstract—Although the basic application of Information and Communication Technologies (ICT) in the Tanzanian health care system started years ago, fragmentation of Information Systems (IS) and limited interoperability remain big challenges. In this paper, we present an analysis of the present health care delivery service, HIS and some existing eHealth solutions, focusing on interoperability and collaboration. Through interviews, questionnaires and analysis of e-health implementations in relation to interoperability and collaboration, we have established that the lack of standard procedures to guide the lifecycle of eHealth systems across the health sector, and poor willingness to collaborate among health stakeholders, are key issues which hinder the manifestation of the benefits of ICT use in the health sector of Tanzania. Based on the findings, we provide some recommendations with a view to improving interoperability and collaboration.

Keywords: eHealth; healthcare; eHealth adoption; interoperability.





I. INTRODUCTION

It is widely accepted that the application of information and communication technologies (ICT) in health has enhanced the provision of health services across the world [1], [2], [3]. The World Health Organization defines eHealth as the cost-effective and secure use of information and communications technologies (ICT) in support of health and health-related fields, including health-care services, health surveillance, health literature, and health education, knowledge and research [4]. Regardless of its importance, the adoption of eHealth standards in many African countries is still a challenge [5], [6], [7]. Tanzania, like many other African countries, has a health care system facing almost similar problems [8], [9]. Due to the need for good health care delivery services in society, these problems cannot be avoided and will require fundamental changes in the current health care arrangements [10]. The Tanzanian government, through the ministry in charge of the health sector and social welfare (MoHSW), has developed a strategic plan called the Health Sector Strategic Plan III to guide priority setting and deployment of resources in the health sector [11]. The already initiated Tanzania National eHealth Strategy (2013-2018) of the health care system aims to integrate all fragmented

However, a well-formed Tanzanian health care system should provide opportunities for high-quality professional work with patients and long-term development, whereas relevant and reliable economic, administrative and medical data provided by eHealth should facilitate better-quality planning, control and management of individual health care organizations and the health care system in general. The focused question answered in this research is: what currently exists in the Tanzania eHealth landscape? The main objective of the paper is the analysis of activities and operations in the current eHealth landscape in Tanzania, focusing on systems interoperability and collaboration between eHealth stakeholders. After the introduction, the second section of the paper presents the healthcare system of Tanzania's mainland, where we see the challenges in adopting eHealth standards in Tanzania. Our study and methodology are in the third section. The fourth section outlines the analysis, where findings deduced from the analysis of activities and operations in the current e-health landscape in Tanzania are presented. Section five provides discussion. The last section is the conclusion and recommendations, where we provide some


recommendations for more effective further development and

implementation of eHealth in Tanzania.

II. HEALTHCARE SYSTEM OF TANZANIA'S MAINLAND

Tanzanian mainland health infrastructure and healthcare services are categorized into four levels: the primary level (village health posts, dispensaries and health centers), district hospitals, regional hospitals and, finally, consultant/specialized hospitals [13]. About 90% of the population live within five kilometers of a primary health facility [10]. First-line care in rural areas is provided by Clinical Officers with three years of medical training, or by Assistant Medical Officers with an additional two years of medical training [14]. Mandatory health-insurance schemes for formal-sector employees offer comprehensive health care benefits to their members; the largest, the National Health Insurance Fund, covers civil servants, while the National Social Security Fund covers private formal-sector employees [15].

A. Challenges in Adopting eHealth in Tanzania

While the integration of ICT and healthcare has brought many potential benefits, many challenges affect eHealth adoption in Tanzania. Different studies show that inadequate ICT infrastructure, unreliable electric power, low ICT budgets, lack of coordination on ICT matters among ministries, departments and agencies (MDAs) as well as partners, poor e-healthcare systems design, and inadequate ICT skills among healthcare workers, to mention a few, are the bottlenecks to the adoption of eHealth in Tanzania [8], [9]. As stated in the action plan report by the Ministry of Health and Social Welfare [10], current challenges to eHealth in Tanzania include:

- a fragmented landscape of eHealth pilot projects and stakeholders;
- numerous data and health information system (HIS) silos;
- lack of ICT infrastructure;
- lack of ICT workers, in particular well-trained ones;
- lack of coordination on ICT matters among ministries, departments and agencies (MDAs), and the lack of an architecture to guide the development of HIS;
- lack of compliance with eHealth standards and systems interoperability.

With these challenges, an analysis of activities and operations in the current eHealth landscape in Tanzania was inevitable.

III. OUR STUDY AND METHODOLOGY

A. Area of Study
This study was carried out in Dar es Salaam and Arusha, Tanzania. We concentrated on Dar es Salaam since it has more healthcare facilities, as well as key informants from among healthcare workers, preferably supervisors or staff in charge at health institutions [16]. The analysis of HIS was carried out in hospitals, dispensaries (health institutions) and some companies involved in developing health management systems.

B. Sampling and Data Collection
A cross-sectional study was deployed in eight hospitals, seven dispensaries and some companies involved in developing health management systems. Data collection included the use of structured questionnaires and interviews. Data was collected in order to analyze the current activities and operations in eHealth. Guided questionnaires were used to measure the intensity and strength of the factors associated with these activities and operations. A review of existing documents related to the topic under study, such as journal articles and official reports, was also done.

C. Data Analysis
The Statistical Package for the Social Sciences (SPSS) was used for data analysis. We present the findings in tables for easy readability and interpretation of the data. Significance was tested using a p-value of 0.05 with a 95% confidence interval.

IV. ANALYSIS / RESEARCH FINDINGS

The analysis done on the current health care delivery service, on the applicability of eHealth components and on some of the existing eHealth solutions and systems, focusing on collaboration and system interoperability, resulted in key findings that are presented by category as follows.

A. Existing eHealth Solutions and Health Information Systems
A health service, particularly when considering eHealth (here, applications and systems), involves several tasks (reporting, collection, management, knowledge transfer and analysis of data, to mention a few). Our examination reveals the existence of various systems concentrating on the collection, management and analysis of data, but these are neither interconnected nor interoperable.

The AllseeEHR system, implemented in government hospitals in Kinondoni Municipality in Dar es Salaam, records patient information for reporting, although the emphasis is more on recording cash flow from different sectors; patient history can be viewed once a patient provides a registered ID, but the system is neither interoperable nor interconnected among the implementing partners. On the other hand, open source software such as OpenMRS and Care2x has been implemented in some areas for various purposes, such as management of HIV/AIDS and registration. LIS, JIVA, LMIS, DHIS2 and CTC2 are other health systems implemented in various health institutions, but they are not interoperable or interconnected either.


B. Distribution of eHealth Services between Rural and Urban Areas

In recent years there has been an increase in the number of health facilities in the country, so that the majority of the population lives within 5 km of a health facility. However, there are still geographical inequalities in access to health services [16]. In relation to these geographical inequalities (between rural and urban areas), there is relatively higher support from various stakeholders in urban areas than in rural areas [8]. This is in line with our findings, where a number of health stakeholders prefer to settle their business in urban areas due to the infrastructure problems present in rural areas. This increases the gap we see in access to health services and eHealth applicability between the two areas. As this stands, there is little effort by the government or other health stakeholders to resolve the situation, the challenge being inadequate resources.

C. Collaboration Among eHealth Stakeholders

The health sector involves a number of stakeholders, covering government, the public/users, policy makers, healthcare professionals, funders etc., who may be categorized in different ways. In this study, especially when considering collaboration among eHealth stakeholders, we use four categories: developers, implementers, clinicians (healthcare providers) and users.

The study revealed that collaboration among these categories does exist; however, the lack of a standardized way (an agreed-upon tool) for collaboration among eHealth stakeholders was found to be a big challenge. The result of the chi-square test shows that the level of collaboration among eHealth stakeholders is significant (p = 0.026). We also found poor willingness towards collaboration among the private companies and vendors involved in developing health management systems (when considering developers). Some of the reasons are business related, and so far there is no initiative trying to bring those companies together so that they can sit and reach agreement on how to collaborate, on the tools for achieving such collaboration, and on the business issues and policy to guide their collaboration; this would help to solve the two prior challenges.

Unreliability of the internet in most of the hospitals, regardless of the presence of the National ICT Broadband Backbone (NICTBB), results in information exchange by email being less preferred than the use of mobile phones. From another angle, collaboration among private hospitals, or between private hospitals and government, was found to be poor, that is, the willingness of those parties to collaborate is poor. Some argued that they are doing business in which they compete, and thus it is difficult to collaborate with a competitor. Nevertheless, we present the views of health stakeholders on collaboration in their respective organizations. On that perception, we asked the stakeholders (participants) about collaboration and the tools used in achieving it. The results were as follows:

Table 1: Stakeholders' responses towards collaboration and tools used in achieving such collaboration (N=102)

Category       Interviewed  Collaborating  Tools used (% representation)                  Total %
                                           Phone   Email   Phone and Email   Git/any CVS
Developers         16            13        43.75   25      -                 12.5          81.75
Implementers        7             7        71.43   28.57   -                 -            100
Clinicians         22            22        54.55   45.45   -                 -            100
Users              57            51        80.7     8.77   -                 -             89.47
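The chi-square test reported above can be reproduced outside SPSS. The sketch below computes the Pearson statistic by hand from the Table 1 counts. Note that the exact contingency layout the paper fed to SPSS is not reported, so the 4x2 table used here (collaborating vs. not collaborating, per category) is an assumption, and its result need not match the reported p = 0.026.

```python
# Chi-square test of independence, computed by hand (no SciPy needed).
# The 4x2 layout below is an assumption; the paper does not publish the
# contingency table behind its reported p = 0.026.

observed = {
    "Developers":   (13, 16 - 13),   # (collaborating, not collaborating)
    "Implementers": (7,  7 - 7),
    "Clinicians":   (22, 22 - 22),
    "Users":        (51, 57 - 51),
}

rows = list(observed.values())
col_totals = [sum(r[i] for r in rows) for i in (0, 1)]
grand = sum(col_totals)

# Pearson statistic: sum over cells of (O - E)^2 / E,
# with E = row_total * col_total / grand_total.
chi2 = 0.0
for yes, no in rows:
    row_total = yes + no
    for obs, col_total in zip((yes, no), col_totals):
        expected = row_total * col_total / grand
        chi2 += (obs - expected) ** 2 / expected

df = (len(rows) - 1) * (2 - 1)   # (r - 1)(c - 1) = 3
critical_0_05 = 7.815            # chi-square critical value for df = 3

print(f"chi2 = {chi2:.2f}, df = {df}, "
      f"significant at 0.05: {chi2 > critical_0_05}")
```

On this assumed layout the statistic falls below the df = 3 critical value, which illustrates the mechanics of the test rather than reproducing the paper's exact result.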

When rating the existence of collaboration in their respective organizations, the stakeholders responded as shown in Table 2.

Table 2: Health stakeholders' views on collaboration in their respective organizations (N=102)

             Frequency   Percent
Satisfied        42        41.2
Poor             36        35.3
Normal           24        23.5
Total           102       100.0

D. System Interoperability

As stated in the Ministry of Health and Social Welfare report (2013-2018) [10], Tanzania's HIS are faced with system interoperability problems. We found that almost 62.5% of the complexity in data integration, and hence in interoperability, was in line with our hypothesis that interoperability fails because of a lack of coordination at all levels of systems development. A well designed collaboration
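The per-hospital designs and differing data structures described in this section are what a mediated schema, mentioned later in the Discussion [17], is meant to bridge. The sketch below is purely illustrative: the two record formats and every field name in it are hypothetical, not taken from any of the systems named in this paper.

```python
# Minimal illustration of the mediated-schema idea: two hospital systems
# store the same facts under different (hypothetical) field names and
# formats, so neither can query the other directly until both are mapped
# into one agreed schema.

from datetime import date

record_hospital_a = {"PatID": "A-0071", "dob": "1984-03-12", "sex": "F"}
record_hospital_b = {"patient_no": 71, "birth": (12, 3, 1984), "gender": "female"}

def from_a(r):
    # Source A stores ISO dates and one-letter sex codes.
    y, m, d = (int(x) for x in r["dob"].split("-"))
    return {"patient_id": r["PatID"],
            "birth_date": date(y, m, d),
            "sex": {"F": "female", "M": "male"}[r["sex"]]}

def from_b(r):
    # Source B stores day-month-year tuples and numeric patient numbers.
    d, m, y = r["birth"]
    return {"patient_id": f"B-{r['patient_no']:04d}",
            "birth_date": date(y, m, d),
            "sex": r["gender"]}

unified = [from_a(record_hospital_a), from_b(record_hospital_b)]

# Once mapped, a single query works across both sources.
born_1984 = [p["patient_id"] for p in unified if p["birth_date"].year == 1984]
print(born_1984)
```

The mapping functions play the role of the per-source wrappers a mediated schema requires; without an agreed target schema, each pair of systems would need its own ad hoc translation.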


architecture will facilitate coordination which, in turn, will lead to interoperable systems development. Also, the common use of open source systems that were not specifically designed for our context and environment (which vary in health culture) is a source of fragmentation and lack of interoperability. The lack of a compulsory governance structure and of standards to guide the development of eHealth systems across the health sector (an architecture, security and a data dictionary) adds to the interoperability problem [10]. With this remark, we observe different systems with different designs and data structures, which also adds to the system interoperability problem. Although the current focus is the creation of a common data warehouse through the integration of the diverse information systems into DHIS2, which deals mostly with data collection and analysis processes, awareness of interoperability and of data standard adoption is still low among health and ICT workers: when asked about these two parallel issues, 55.9% of the interviewed personnel responded "poor", and the result of the chi-square test shows that system interoperability is significant, with p = 0.004.

V. DISCUSSION

This study reveals that current eHealth activities on the Tanzanian mainland still face many challenges involving systems interoperability and collaboration among eHealth stakeholders. Although there is an eHealth policy to direct what is to be done and how, the situation is quite different in most health centers and hospitals, the reasons in most cases being inadequate ICT infrastructure, inadequate resources, poor ICT skills among health workers and budget limitations. These findings support those of previous studies [8], [9].

System interoperability is an important aspect of achieving good health care service delivery [5]. In our study, we found that almost 86.3% of the systems are not capable of sharing information (i.e., not interoperable). Several factors contribute to this situation, the most common being that most systems are designed to the needs of a particular hospital and differ considerably in their data structures and formats. Querying multiple data sets with different formats requires a mediated schema, which in turn requires scientists to have knowledge of the query syntax [17], and awareness of this among most of our health IT staff is still low. We also found that security and privacy concerns lie behind most organizations' unwillingness to share their data. This is in line with [12], who said that Tanzanian health consumers should be made comfortable by ensuring that the issues surrounding the privacy and security of their health records are clearly addressed before any further step is taken towards the implementation of interoperable EHRs for health information exchange. In order to deal with interoperability problems, a common data standard must be agreed upon. At the most basic level, data standards are about the standardization of data elements: (1) defining what to collect, (2) deciding how to represent what is collected (by designating data types or terminologies), and (3) determining how to encode the data for transmission [18]. Where there are no data standards and no data quality, interoperability becomes a big challenge to handle.

On the other hand, our study reveals that 91.18% of the interviewed eHealth stakeholders, based on the level of collaboration as defined in this study, are capable of collaborating regardless of the tools they use to achieve such collaboration, as shown in Table 1. When rating the existence of collaboration in their respective organizations, 41.2% were satisfied, 35.3% rated it poor and 23.5% rated it normal. Looking into the tools for collaboration, we found that phones were leading with 73%, followed by phone and email together at 16%, email alone at 9%, and 2% for version control (specifically, we considered Git). These findings are consistent with those of a previous study on the adoption and use of ICT by healthcare workers, which reports that over 93% of healthcare institutions use mobile phones in this regard [8].

Furthermore, we looked into the defined levels of collaboration, starting with developers from different health organizations (in most cases under an ICT department). We found that they are aware of the existence of tools such as Git and other version control systems (VCS) for collaboration, but so far no tool is in common use among them, mostly because of issues surrounding the privacy and security of their health records. This agrees with the study by Ndume, which reports that, despite the existence of several collaboration tools, namely Ning (aimed at network expansion), the Public Library of Science (knowledge expansion), EpiSurveyor (remote functionality) and Scribd (research promotion), as well as Skype, Wiser, Twitter and Facebook, some of these kits do not give researchers peace of mind with respect to the security, integrity and credibility of their work [17]. The situation is the same not only for researchers but also for other health stakeholders: about 79% of interviewees showed this response. However, this is a traditional way of thinking that can be changed with proper knowledge of those tools and of how to customize them to requirements for security and privacy. In the same way, we considered the level of clinicians (healthcare providers) and users; interviews with them revealed an awareness of collaboration, even though it is mostly done through mobile phones.

At this point we asked why mobile phones are so heavily involved. The answers were obvious: any member can buy a phone and, in one way or another, find himself or herself using it as a tool for collaborating with other members in the field; and poor or inadequate ICT infrastructure in most of the hospitals results in the mobile phone being the number one tool for collaboration. In addition, the Tanzanian health sector is characterized by a fragmented landscape of ICT pilot projects and numerous data and health information system (HIS) silos, with significant barriers to the effective sharing of information between healthcare participants [10]. Hence it is clear that we have a system interoperability problem; it was observed during the study that, in some cases, collaboration through means other than mobile phones or email was hindered simply because the systems were not capable of sharing information, and because of the poor willingness towards collaboration among different health stakeholders for the reasons revealed in this study. Regardless of the several challenges in this area, the collaboration and connection of a widespread network of stakeholders within the health care system, and between the different health stakeholder levels, is important; as reported in [19], realization of the health care sector goals of Vision 2025 needs the collaboration of all the key stakeholders involved in health.

This calls for proper technology improvements, especially when dealing with interoperability, collaboration, security and privacy issues, as health data is highly sensitive and different health organizations have their own orientations, rules and policies. Although agreement may be reached on a mechanism for ensuring the privacy and security of health records, and on the technological means and policy to be used, we must take into account that collaboration is something that cannot be forced but can only be agreed upon.

VI. CONCLUSION AND RECOMMENDATION

In this paper we report an analysis of the current operations and activities in the eHealth landscape of the Tanzanian mainland, focusing on interoperability and collaboration. Taking into account that the analysis of activities and operations in an eHealth landscape is an ongoing activity that needs time and resources, we selected key areas and features in order to meet the objectives and reflect the reality of the situation in the field, which was very important in this study. We found it important that the introduction of an ICT curriculum, or of ICT training sessions targeting eHealth, for health workers in health training institutions be considered. By doing this, awareness and effective use of ICT among health staff will increase, facilitating eHealth adoption by leveraging the presence of the National ICT Broadband Backbone (NICTBB). There is a need for more effort by the government, through the ministry in charge of the health sector, to promote a tradition of collaboration among the different health stakeholders. Also, seminars on interoperability issues should be organized, aiming at increasing IT literacy among health professionals. On the other hand, inadequate support, budget limitations, security concerns and unreliable power supply were found to be the most common challenges facing eHealth activities, and proper attention must be given to them.


A Review on Triangle Based Techniques in Biometric

Abstract: A biometric system is an analysis of unique biological features of human beings, used for human security and identification. Different conventional biometric methods (such as face recognition, iris, fingerprint, etc.) are used for security and identification purposes, but they can be captured only under physical control or at a close distance during record search. Gait, a behavioral biometric, has attracted more attention recently because it can be captured at a distance without requiring the earlier consent of the observed subject. This survey paper covers the current trends in and methods of gait based surveillance systems using triangle methods, and compares them.

Keywords: Biometric, Gait Recognition, Image Processing, Triangle methods, Pattern Recognition.

1. INTRODUCTION
As the world is getting advanced and computerized, the security systems which were earlier human controlled [1] are being replaced by computerized surveillance systems based on image processing. Such a system identifies a unique physical property, that is, a biometric property of a person. Biometrics is characterized into two portions: physiological properties (face, fingerprint, iris, DNA) and behavioral properties (signature, voice, walking pattern). That is why this approach represents a further level of security. One of the methods used to make such an examination is gait. It can be done by Genetic Algorithms (GA), Artificial Neural Networks (ANN), and mathematical (geometric) concepts using the Gabor system. In a previous study [2] the body is divided into two parts: the static or fixed upper part, and the dynamic, more movable lower part. The upper body part is subdivided into three parts: the first is the head, the second is the arms and the third is the chest. The lower body part is subdivided into four parts: the first is the thigh, which includes the hip, the second is the front leg, the third is the back leg and the fourth is the feet. Gait work has mainly been done on the lower body part, because the lower portion of the body moves more than the upper part, so the study of moving parts is easier. The front leg and back leg are included as separate parts because of the bipedal (cyclic) walking style: when a person walks, the left leg and the right leg come to the front/back by turns and create a cycle.

This survey paper is divided into five sections: section one contains the introduction, section two an overview of biometric recognition systems, section three the literature studied, section four a comparison of the triangle techniques studied in the literature survey, and section five the conclusion.

2. OVERVIEW
An informative survey of the current techniques for analyzing data regarding human movement has been outlined by Gavrila [3]. His work covers visual analysis, looking at gestures and whole body movement; his survey gives results on recognizing humans and their activities by computer, in order to interact intelligently and effortlessly with a human-inhabited environment.

Previously, biometric research concentrated on human authentication and authorization, utilizing face images, fingerprints, palm prints, shoe prints, iris images and handwriting. But these conventional biometric resources suffer from several limitations, such as the distance between the camera/scanner and people, and the need for the user's co-operation for authentication and authorization. For visual surveillance applications, the conventional biometric resources are difficult to utilize, and gait provides an interesting alternative. Gait describes the manner of a person's walking, i.e. walking pattern recognition. It can be acquired at a distance, without the walker's co-operation or knowledge.

A basic biometric surveillance system has the following components:

Capture video: the video is captured by high-quality digital cameras.
Convert into frames: the video is converted into the gait frames of one cycle, according to the view (here, the side view).


Analysis of each frame based on the approach: each frame is analyzed depending upon the method used.
Correlate as a triangle feature: new data are stored in the database and, if existing values are found, a result is decided.
Database: here the data are stored.
Result: based on the input, an output is generated.

Fig. 1. Basic biometric surveillance system for the triangle approach (pipeline: capture video, convert into frames, analysis of each frame based on the approach, correlate as a triangle feature, database, result).

3. LITERATURE SURVEY
In this section we discuss approaches from different directions: the positioning of body joints based approach, the angle based gait detection approach, the area of a triangle based approach, a novel method of gait based recognition using a fuzzy inference system, and the gait geometric characteristic and fuzzy logic based approach.

3.1 Position joint based human body detection: In [4], gait recognition means identifying individual persons or subjects by analyzing the patterns generated in each frame of a cycle. Gait recognition identifies individuals by the way people walk, without consideration of disturbances such as background, clothes and so on. From the viewpoint of biomechanics, the walking of people includes the synchronous movements of hundreds of muscles and joints, and gait is largely determined by the structure of muscles and bones. Although all people's movements are based on biped patterns, the gait of each person differs in relative timing, step range and so on, so gait is believed to be particular to everyone and can be used as a feature in personal identity recognition, especially at a distance. In this paper a simple gait recognition method is used, based on different points at body joints. The subject is first extracted from the frames of moving bodies in the form of silhouetted images; silhouetted means black (carbon) images containing only the black figure [4]. In each such image, 12 different body points are identified and 9 different angles are computed between those points: the trunk angle, the angle of the left arm, the angle of the right arm, the angle of the left forearm, the angle of the right forearm, the angle of the left thigh, the angle of the right thigh, the angle of the left shank and, finally, the angle of the right shank.

They then calculated the limb angles and applied a discrete Fourier transform to each cycle. Two different frequencies were chosen, with the amplitude and phase of the angles at those frequencies used as features. Finally, a nearest-neighbor classifier was applied to classify subjects against the database. In their work they used the SOTON dataset to simulate their results. The SOTON dataset has 118 images in total; of these, they used 10 images and obtained a Correct Classification Rate (CCR) of 78%, which was better than other methods presented at that time, such as body shape and template correlation (CMU), whose correct classification rate was 45%, and static body parameters (Georgia Tech), whose CCR was 73%.

3.2 Angle based gait detection: In [5], angle based gait detection is presented as important and more efficient than other methods. Two body parts of the human are used for feature extraction, and the calculation is done according to those features, all taken from the lower body because maximum movement occurs in the lower portion. Specifically, the center points of the bases of both feet (left and right) are taken as two vertices of a triangle, and the hand visible in the side view is taken as the third vertex, from which a logical angle is constructed. They calculate [5] the formed angle by the slope method, using the tangent formula; three angles are calculated for each frame and, after the completion of one cycle, the mean values are calculated. A cycle is formed when the person whose walking [11] posture is being captured reaches a posture which is the same as the starting posture. In this paper they focus on angle based analysis and apply the method to the CASIA A database, in which side-view images are given. They took some (17) subject images and calculated the angles of each frame for one cycle; after calculation, their correct classification rate was 90%, which is more efficient than other methods.
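The slope-method angle feature of [5] can be sketched as follows. The coordinates below are invented for illustration; [5] does not publish its exact geometry, so treat this as a minimal sketch of recovering a vertex angle from the slopes of its two edges rather than the paper's implementation.

```python
# Sketch of the section 3.2 angle feature: the center points of both feet
# and the visible hand form a triangle, and the angle at each vertex is
# recovered from the slopes (directions) of its two edges via arctangent.
import math

def angle_at(p, q, r):
    """Interior angle at vertex p of triangle (p, q, r), in degrees."""
    a1 = math.atan2(q[1] - p[1], q[0] - p[0])  # direction of edge p -> q
    a2 = math.atan2(r[1] - p[1], r[0] - p[0])  # direction of edge p -> r
    d = abs(a1 - a2)
    d = min(d, 2 * math.pi - d)                # wrap into [0, pi]
    return math.degrees(d)

# One frame (invented coordinates): left-foot base center, right-foot
# base center, and the hand seen in the side view.
left_foot, right_foot, hand = (0.0, 0.0), (4.0, 0.0), (2.0, 5.0)

angles = [angle_at(left_foot, right_foot, hand),
          angle_at(right_foot, left_foot, hand),
          angle_at(hand, left_foot, right_foot)]

# Sanity check: the three interior angles always sum to 180 degrees.
print([round(a, 1) for a in angles], round(sum(angles), 1))
```

In the method of [5], three such angles per frame are averaged over one gait cycle to give the per-subject feature vector.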

3.5GaitRecognitionwithGeometricCharacteristic and Fuzzy Logic: In [7] the definitionof Gait is defined as "A particular way one person walks".It is a process which is divided into stages [8]. Analysis ofwalking pattern is a gait cycle. The style of walking or gaitcycle of every person is unique. [9]. Human gait is therepeated motion of the body parts. Mostly there is no muchmore changes in head and shoulder motion as compare tohand and legs. The repeated motion part of the body formsa gait cycle. A Gait cycle or stride is defined as amovement when an initial position of a heel comes backagain. The single gait cycle is further divided into twophases: In the proposed method two parameters of humanbodies have been taken. The First component is hand andanother component is feet. The Second parameter issubdivided into two portions it is toe (left and right feet)and (left and right feet). Total five extraction points wereidentified. The extraction points were decided by highresolution white points. Here two triangles were formedbetween these five points and those triangles constructedbetween the toe of left feet, hand and toe of right feet andheel of left leg, hand and heel of right leg. Here twointersection points were taken [7] for study and points areknown as I and I.The triangle is constructed where point Arepresent Hand and point B, C represents toe of the leftfeet and toe right feet respectively, point D, C representsheel of left feet and heel right feet respectively. In this workthey calculated the intersection points for each frame andthen calculate for a complete cycle. Then mean values werecalculated. These mean values were input of fuzzyinference systems. FIS compare and produces results withthe database values according to the following fuzzy rules:Result analysis is done on CASIA dataset for gaitrecognition of the proposed method. In a proposed work 17subjects had been taken with 23 frames, which completethe gait cycle, only one side is considered. 
17 subjects ofMPEG files are converted into JPEG frames, then whitedots pixels are inputted on RGB frames of an individualsubjects in a proposed gait system after that, these RGBframes are converted into gray scale for further processing,with the database value, if the value is greater than 85%then matching is excellent, value belongs between 75 to85%, then matching is good, value lies between 60 to 75%and matching is average, if value is less than 60%, thenmatching is poor, these rules are decided by the fuzzy setand the result shows that the correct classification of thismethod is 88%.

3.3 An approach for human gait identification

based on the area of a triangle: In [6] biometricsystem data to be collected and given as a video input. So,in the preprocessing initial video is captured, and thenconverted into frames for that particular person. In thiswork they have considered side [10] view of particularsubjects. Here they have considered three parameters of thehuman body for feature extraction. It is Left hand, right feetand left feet. They consider three feature points. Thefeature points are taken as a white dot point whichrepresent high resolution. They create a triangle betweenextracted points. They calculated the length of each edgetotal three edges are captured [6] edge 1 (a), edge 2 (b) andedge 3 (c) and then for all the frames of one cycle, themean values of edges are calculated and the stores to thosevalues in database.Here they calculate correct classification rates forboth analyses. The First is for individual distanceclassification and second is for pair distance correctclassification. This experiment demonstrated that a featureselected of a by pair distance gives better result thanindividual distance. The result shows the correctclassification of the first method is 66.6% and the correctclassification of the second method is 82.3%. It has beenconcluded that second analysis they have given betterclassification rate.

3.4: A Novel Method of Gait Recognition Using

Fuzzy Inference System: The work in [4] uses a body-joint method in which three body parts are considered: the left foot, the right foot and the hand. Five feature points are extracted in total: two points on the left foot (toe and ankle), two on the right foot (again toe and ankle) and the hand. Two triangles are constructed, the first between the left foot toe, the hand and the right foot toe, and the second between the left foot ankle, the right foot ankle and the hand. The authors observed that the two triangles intersect, generating two intersection points, which they computed using the parametric line equation. These points are calculated for each frame of each cycle, and the mean value per cycle is found and stored in the database. The experiment is based on an outdoor gait database of various subjects using a side view of the walking direction. After applying the algorithm on this database the correct classification rate is 90%, which is a good result compared to the other methods.
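The parametric-line-equation step can be sketched as follows; the point names and the handling of parallel lines are assumptions, since [4] gives no code:

```python
def line_intersection(p1, p2, p3, p4):
    """Intersection of the line through p1, p2 with the line through
    p3, p4, using the parametric form p1 + t*(p2 - p1).
    Returns None when the lines are parallel."""
    (x1, y1), (x2, y2), (x3, y3), (x4, y4) = p1, p2, p3, p4
    denom = (x2 - x1) * (y4 - y3) - (y2 - y1) * (x4 - x3)
    if denom == 0:
        return None  # parallel or coincident lines
    t = ((x3 - x1) * (y4 - y3) - (y3 - y1) * (x4 - x3)) / denom
    return (x1 + t * (x2 - x1), y1 + t * (y2 - y1))
```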

4. COMPARISON


http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

After reviewing the different papers and work on these approaches, the correct classification rates (CCR) obtained by different researchers in the field of triangle-based gait recognition can be summarized as in the following table, which presents the results on the basis of CCR and the number of people under surveillance.

In this review paper we present a comparison between different techniques based on triangles formed by different body parts, restricted to lower-body analysis and to works based on common components. All the techniques use a triangle-based method: they construct a triangle by feature extraction and then perform recognition by various methods. From this review it has been observed that angle-based gait detection and the novel method give the same results.

Table 1: Comparison of Various Approaches

Table 1 indicates that the method based on positioning body joints [4] (A Novel Method of Gait Recognition Using Fuzzy Inference System) and the angle-based gait detection give the same result, which is the best among the other methods mentioned above; these methods use the concepts of fuzzy inference and angle-based recognition respectively. The authors first verified the usefulness of the algorithm on a gait database of 18 different subjects, and the experiment is based on side-view images. The other methods also have good results, but calculating the area or the angle changes the results. A comparison chart between the methods and their CCR rates in percentage is given, where CCR is the correct classification rate.


Methodology of Assigning Musical Notations to Sanskrit Verse

Pranjali Deshpande
Pune Institute of Computer Technology,
Savitribai Phule Pune University, Pune, India

Pravin Game
Pune Institute of Computer Technology,
Savitribai Phule Pune University, Pune, India

development. The well-knit (i.e. syntactically and semantically strong) structure of this language has encouraged current research. Sanskrit is a very scientific language whose entire grammatical mechanism is perfected. From this perspective, Sanskrit grammar studies have received serious attention worldwide regarding the truthful representation of communication. Fig. 1 shows various areas of Sanskrit literature addressed by computers.

Abstract: Sanskrit literature is unique in its overwhelmingly poetic character. Subjects like science, engineering, medicine, grammar and law are mostly written in the form of poetry, which makes them easy to memorize. Sanskrit poetry, comprising Shloka or Verse, is classified in terms of a unique meter or Vrutta. A Vrutta is the unique pattern formed by the categorization of letters as long and short syllables. Rule-based identification of the Vrutta in a verse facilitates the rhythmic chanting of the Shloka. This paper discusses a method for identifying the Vrutta in a Sanskrit Shloka and suggests musical notations, based on the identified Vrutta, for singing the Shloka. The designed system, Sangit Vrutta Darshika, can be used as a guide to learn the construction of Sanskrit verse. It also facilitates the systematic singing of a Sanskrit Shloka, which has applications in areas like Music Therapy.

I. INTRODUCTION
Of all the discoveries made in the course of human history, language has been the most significant. Without language, civilization could not have progressed. Languages have been used as a means of communication since ancient times. Presently, the basic language structure has found a new horizon of machine communication in the form of modern computer programming languages. Since the digital computer is the only machine which requires some form of language construct for its efficient operation, Computational Linguistics, which deals with the typical characteristics of such constructs, is a rapidly developing field. This scientific outlook on various language structures led to the recognition of the importance of Sanskrit by scientists worldwide. Sanskrit is one of the oldest living languages on our planet. Research organizations like NASA have been looking at Sanskrit as a possible computer language [1]. Sanskrit is the systematized language of a rich classical literature, and its alphabet is impeccably arranged and easy to remember. The grammar and syntax of the Sanskrit language are perfect, leaving little room for error. Sanskrit is the most efficient natural language for certain computer applications

Fig.1. Various areas of Sanskrit addressed by computer (among them: grammar classification of text, machine learning and translation tools)

The legendary Sanskrit grammarian of the 5th century BC, Panini, is the world's first computational grammarian. Panini wrote the Ashtadhyayi (the Eight-Chaptered book) [15], which is considered to be the most comprehensive scientific grammar ever written for any language. Many approaches have been proposed by scientists and grammarians worldwide to extract the richness of the Sanskrit language in various contexts. Sanskrit poetry, comprising Verse or Shloka, is classified in terms of its meter or Vrutta. The Indian scholar and musical theorist Pingala, in his Chhanda Sutra, used marks indicating long and short syllables to denote meters or Vrutta


and the short (Laghu). An algorithm is written which converts the Sanskrit verse into binary form, considering only the long and short syllables in it. A second algorithm classifies the verse by splitting it into two parts and categorizing it as Sama, Ardhasama or Vishma meter. A limitation of this approach is that the number of meters in actual use across the literature is smaller than the number theoretically possible; hence this work handles the meters in vogue, which themselves constitute a sizeable quantity and pose non-trivial computational problems.
Aasish P. and Ratna S. [3] proposed an analysis of Sanskrit grammar for Machine Translation and a Tokenizer which provides a solution for Samaas Vigraha. For parsing a Sanskrit sentence, two major factors are considered regarding the complexity of words: Sandhi, the combination of two words to produce a new word, and Samaas, the combination of two words depending on their semantics. While designing the parser, rules are defined based on factors such as part of speech (POS), list of words, case end and begin, and declension. Some of the actions or functions are: 1) SetDecl (declension case for a specified token); 2) Add before (add a string before a specified token), etc. The rules are stated for dissolving compounds. The input to the parser Vaakkriti is a Devnagri text, and the output of the system is the set of tokens produced after compound dissolving. The stated system fails to produce the required output when a Sanskrit poem is given as input: a Sanskrit poem conveys more than one meaning and sometimes uses figures of speech, which makes it more complex.

in Sanskrit poetry. More than 150 Vrutta exist in different poetic forms. Depending upon the rule-based identification of the Vrutta in a given verse, the way in which the verse can be sung is decided. Rhythmic chanting of the Shloka or Verse enhances the capability of memorizing it, and according to Mantra therapy, rhythmically chanted Shlokas have a wonderful effect on our body. In this context, difficulties are generally faced by common people who are unaware of these rules but want to sing the verse correctly. Our research addresses this problem by providing a system which helps people who are unaware of the construction rules of verse to learn them and sing the verse correctly.
The paper is organized as follows: in Section II we discuss related work in computational processing of the Sanskrit language; Sections III and IV explain the designed system and implementation details along with an example; in Section V we conclude the work and propose future directions.
II.

RELATED WORK

Rick Briggs [1] proposed that Sanskrit, a natural language, can also serve as an artificial language. He compares semantic nets with the method used by ancient Indian grammarians to analyze sentences, and analyzes the parallelism between the two. Consider the example sentence "John gave the ball to Mary". The action involved is to give, but there also exist intermediate or auxiliary actions, such as John holding the ball in his hand (the starting point) and the ball ending up in Mary's hand (the end point). Auxiliary activities (karakas) are stated in Sanskrit by means of seven case endings, i.e. agent, object, instrument, recipient, point of departure and locality. Consider the example sentence "Out of friendship Maitra cooks rice for Devdatta in a pot, over a fire." In triple form the sentence can be written as (cook, agent, Maitra), (cook, object, rice), etc., which is very similar to the approach of computer processing. The Sanskrit sentence for the same is written as: Maitrah: Sauhardyat Devadattaya odanam ghate agnina pachati. In both language representations the activities are considered as events; for example, instead of "cooking" it is considered that an activity is going on which is cooking.
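The triple form above maps naturally onto a small data structure. A sketch is given below; the recipient, instrument and locality assignments are inferred from the example sentence, not stated explicitly in [1]:

```python
# The sentence "Out of friendship Maitra cooks rice for Devdatta in a pot,
# over a fire" decomposed into (action, karaka-role, filler) triples.
triples = [
    ("cook", "agent",      "Maitra"),
    ("cook", "object",     "rice"),
    ("cook", "recipient",  "Devdatta"),   # inferred role
    ("cook", "instrument", "fire"),       # inferred role
    ("cook", "locality",   "pot"),        # inferred role
]

def fillers(action, role):
    """Look up who or what fills a given karaka role for an action."""
    return [f for a, r, f in triples if a == action and r == role]
```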

G. Huet [7] has proposed a method for Sanskrit processing by computers. The proposed software analyses a Sanskrit sentence depending upon the possible interpretations of Sandhi analysis. A Sanskrit lexical database is constructed, and a two-tape transducer is modeled for Sandhi analysis. In Sanskrit text the words are not separated by blanks and punctuation symbols but are merged together by external Sandhi, so segmentation is performed; the lexicon-directed segmenter is further extended into a tagger.
Subhash Kak [9] describes the classification schemes for meters from the Vedic age. Sanskrit meters are based on the system of short and long syllables, represented by 0 and 1, and meters have different lengths. In the Chandashastra, Pingala stated two basic schemes of representing meters which indicate an octal representation. The representation of verse feet is given depending on the number coding of three syllables, but the order of bits is reversed from the modern representation. In the Katapayadi (KTPY) notation numerals are represented as letters of the alphabet; it shows an irregularity in mapping the numerals above three which is not present in Pingala's mapping. The author gives the construction of the mapping behind Pingala's scheme, analogous to the KTPY notation, called the Katyasadi (KTYS) notation.

Rama N. and Meenakshi Lakshamana [2] proposed an approach for the rule-based division of a Shloka, considering the fact that a Sanskrit verse is a sequence of four quarters. Each quarter is classified either by the number of syllables (akshara-s) or by the number of syllabic instants (matra-s), and the determination of the meter is based on either of these factors. Meters based on the first factor are called Varna meters, while those based on the second are termed Jati meters. In Varna meters, two types of syllables are present: the long (Guru)


Anoop M. Namboodiri, P. J. Narayanan and C. V. Jawahar [13] have proposed a framework that uses the rich metric and formal structure of classical poetic forms for post-processing the output of a recognizer such as an OCR engine. Their algorithm for processing poetry can be used in conjunction with other post-processing approaches and for the correction of modifier symbols that are difficult for OCR to recognize.


The existing approaches propose to mark Laghu and Guru but do not address the classification or the generation of musical notations for the input.
III.


SANGIT VRUTTA DARSHIKA


Ancient Indian poetry was dominated by the oral tradition, the reason being the ease of memorizing verses. Rules are designed to compose the lines of a Shloka; these sets of rules form a set of structures known as Vrutta. Each Vrutta can be identified by a unique pattern of letters or akshara. The Vrutta are mandatory rules in the poetry. A Sanskrit Shloka is composed of quarters or Charan.

Fig.2. Block diagram of the system: input Shloka in Unicode format → Shloka preprocessing → pattern formation → unique identifier generation for each pattern → pattern matching for the given Shloka with the stored pattern → mapping with the musical notations → output (identified Vrutta and musical notations in text and audio format)

Two broad categories of Vrutta exist in a Sanskrit Shloka: Gana Vrutta and Matra Vrutta.

Mathematically, the system is presented as a function f(x), where f(x) identifies the Vrutta and determines the suggested musical notation for a given Shloka. The objectives of this function are to search the Akshar Gana Vrutta in the Shloka and to specify the suggested musical notation according to the identified Vrutta. The input Shloka is constrained to contain an Akshar Gana Vrutta as its classification scheme. Let S be the system that describes the problem, i.e. S = {{I}, {O}, Fv, Fn, Sc, F}, where

In a Gana Vrutta each Charan in the Shloka has a similar number of letters, with the same number of Laghu and Guru, so it is also known as Akshar Gana Vrutta. In a Matra Vrutta the number of letters in each Charan may not be identical; each short syllable is assigned the value 1 and each long syllable the value 2, and the Vrutta is identified from the sum of Matra in each Charan. The designed system SANGIT VRUTTA DARSHIKA emphasizes the classification of a Sanskrit Shloka by its identified Vrutta; the Vrutta we have considered fall in the category of Akshar Gana Vrutta. The functionality of the system can be understood from the block diagram given in Fig. 2: the input to the system is a Sanskrit Shloka in Unicode format, and the identified Vrutta and musical notations in text and audio format are displayed as output.

I ---- Set of sentences; each Si in I is a set of words Wi separated by spaces, and each word is a set of letters L, where i = 0, 3, 6, 9, 12, 15.
Assign L = 1 for a Guru (long) syllable and L = 0 for a Laghu (short) syllable:
If Li in { LV, {SL} with aM, {SL} followed by :, {SL} followed by I, {SL} followed by i : } then Li = 1 (Guru),
where LV = {Aa Aao [- } eo } and SL = { k K & };
else if Li in { SV, SV followed by I } then Li = 0 (Laghu)
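The binary marking and the grouping into Ganas can be sketched as follows; the actual syllable classification depends on the Devanagari vowel and consonant rules above, which are abstracted here into a precomputed Guru set, and the function names are illustrative:

```python
def to_binary(syllables, guru_set):
    """Mark each syllable 1 (Guru) if it is in the Guru set, else 0 (Laghu).
    The real rules depend on vowel length, visarga, anusvar etc.; here the
    classification is assumed to be precomputed."""
    return [1 if s in guru_set else 0 for s in syllables]

def ganas(bits):
    """Group the Laghu/Guru bits three at a time; each triple is one Gana."""
    usable = len(bits) - len(bits) % 3
    return [tuple(bits[i:i + 3]) for i in range(0, usable, 3)]
```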


where SV= {A [ ]}

Sample words as examples of Gana are given in Table 1. U is the symbol used for marking a Laghu letter and _ is the symbol used for marking a Guru letter [14].

If a Laghu letter is followed by a Jodakshar, that Laghu letter is considered Guru (example: in the word jagadmba, mba is a Jodakshar and d is a Laghu letter; according to the stated rule it is marked as Guru). A Jodakshar is itself considered Laghu, but if followed by a visarga, anusvar, kana or dirgha velanti it should be considered Guru (for example: in the word cand/a, nd/a is marked as Guru as it contains a Jodakshar followed by a kana). Let Dg be the database of Gana

Figure 3 illustrates a method of finding a Guru in the Sanskrit

Shloka

Dg = { Stagdhara = {Pattern of Stagdhara},
Hansagati = {Pattern of Hansagati},
Vasanttilaka = {Pattern of Vasanttilaka},
Malini = {Pattern of Malini},
Indravajra = {Pattern of Indravajra} }
Let N be the set of Hindustani music notations in text and M the set of music files, with three files per Vrutta: two files of different energy levels suitable for male and female voice recorded on violin, and one vocal file of a popular Shloka or Subhashit in that particular Vrutta.
If Gi = Si, display Si, Ni, Mi, where i = 0, 1, 2, ..., 9.


Fig.3. Rules of marking Guru

Figure 4 illustrates a method of finding a Laghu in the Sanskrit Shloka.

Fig.5. Implementation flow of the system: Sanskrit Shloka (input) → assign Laghu or Guru to each letter in the Shloka → group three Laghus and/or Gurus to generate the pattern (Gana) → identification of Vrutta from Gana by pattern matching → specify the possible musical notation

The designed system accepts a Sanskrit Shloka in Unicode format. Unicode provides a unique number for every character irrespective of the platform and the language, and UTF-8 encodes each Unicode character. Once the Shloka is stored in UTF-8 format, the following process is carried out:
Fig.4. Rules of marking Laghu

IV.

1. Laghu or Guru is assigned to each letter according to the grammar rules.
2. The Shloka is divided into groups called Gana, where each group or Gana consists of a combination of Laghu and/or Guru. Depending upon the Laghu/Guru assignments within a Gana, each Gana is assigned a unique identifier: a unique alphabet or akshara for that specific Gana.
3. Once identifiers are assigned to the Ganas of the input Shloka, their pattern is checked against the specific Vrutta patterns.
4. If the pattern matches, it is a success case and the Vrutta is identified as the output.
The system can be explained with the help of the following example:

IMPLEMENTATION DETAILS

The overall flow of system implementation can be understood

from the block diagram in Fig.5

Consider the Shloka:

ramaao rajamaiNa: sada ivajayato rama rmaoSaM Bajoao

The stepwise analysis of the above Shloka is done as follows:


each gana is done according to following rules:

} are considered as Guru.

Rules for marking Laghu:

a. Short syllables (k...&) are marked as Laghu.
b. Short syllables (k...&) followed by {i} are marked as Laghu.
c. {[, ]} are also considered as Laghu.

3. In step 3 all Laghus are assigned number 0, and

Gurus are assigned number 1.

4. In the next step a unique alphabet or akshara is assigned to each Gana according to the order of Laghus and Gurus appearing in that group.

The occurrence of the aksharas in a fixed order leads to the identification of a particular Vrutta. In the example explained above the Vrutta Shardulvikridit exists, identified by the fixed pattern of Gana identifiers


{ma sa ja sa t t ga}. The designed system analyzes the Vrutta and provides the output: the identified Gana and the Vrutta in the Shloka. It also gives musical notations in Devnagri and, according to the choice of the user, plays an audio file of a specific energy level. An example of Vrutta identification is given below along with the snapshots.
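The final pattern-matching step can be sketched as a simple dictionary lookup; only the Shardulvikridit pattern is taken from the text, and the other nine stored patterns, as well as the function name, are placeholders:

```python
# Stored Gana patterns per Vrutta; only Shardulvikridit's pattern
# {ma sa ja sa t t ga} comes from the worked example.
VRUTTA_PATTERNS = {
    ("ma", "sa", "ja", "sa", "t", "t", "ga"): "Shardulvikridit",
    # ... nine further Vrutta patterns would be stored here ...
}

def identify_vrutta(gana_sequence):
    """Return the Vrutta whose stored Gana pattern matches exactly, if any."""
    return VRUTTA_PATTERNS.get(tuple(gana_sequence))
```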

After identification of the Vrutta, the possible musical notations are displayed to the user and an audio file is played according to the user's choice of energy level. In Sanskrit literature more than 150 Vrutta exist; for illustration, the analysis of ten Vruttas by the designed system is shown in Table 2, which gives the Vrutta names and the Gana patterns for each Vrutta.


Fig.6. Input

Fig.8. Musical Notations of Vrutta Hansagati

Fig. 6 shows the main screen, which lets the user provide a Sanskrit Shloka as input; the user can also select one of the pre-entered Shlokas stored in a text file. Fig. 7 displays the identified Gana, Vrutta and musical notations in Devnagri for the given input. In Fig. 8 the suggested musical notations for the entered Shloka can be seen, along with the audio output as a violin instrumental rendition. The following graph shows the number of Laghu or Guru, the number of Ganas for a particular Vrutta and the time required for computation.

Fig.7. Output


TABLE.3. RESULT ANALYSIS

understand Akshar Gana Vrutta identification by Gana formation. Ten Akshar Gana Vruttas, namely Shardulvikridit, Bhujangprayat, Prithvi, Shikharini, Stagdhara, Hansagati, Vasanttilaka, Malini, Indravajra and Mandakranta, are focused on for identification. Along with the identification of the Vrutta, a possible musical notation suitable for singing a Shloka of that particular Vrutta is suggested, and the user is given the choice to play the audio file according to his/her comfortable energy level of singing. The system can be further enhanced for other types of Vrutta.

From the graph shown in Table 3 it can be observed that the time required for identification of a particular Vrutta depends on the number of Laghus and Gurus in the Shloka.


V.

CONCLUSION

Besides being a mathematical and scientific language, Sanskrit is also helpful in speech therapy. Rhythmic chanting of a Shloka creates a melodious effect in the body, known as the neuro-linguistic effect, and meaningful chanting generates the psycholinguistic effect. In this paper a system for identification of the Vrutta is presented, along with suggestions for possible musical notations for the particular Vrutta. This is useful for users who are unaware of the construction of a Sanskrit Shloka and of the relationship between the Vrutta and the singing pattern of the Shloka. The system can also be considered a guide to

Md. Javed Hossain

Dr. Md. Ashikur Rahman Khan

Dept. of Information & Communication Technology

Dept. of Computer Science & Telecommunication Engg.

Noakhali Science & Technology UniversityNoakhali, Bangladesh

E-H and E-shaped microstrip patch antennas for S-band communication covering 2-4 GHz [3], a band used for communications satellites, especially by NASA to communicate with the Space Shuttle and the International Space Station [3], in order to achieve good bandwidth as well as mitigate the problems.

Abstract: This paper presents the design and analysis of high-bandwidth Connected E-H and E-shaped microstrip patch antennas. RT Duroid 5880 dielectric substrate material is used to design these antennas, and Sonnet Suites, a planar 3D electromagnetic simulator, is used in this work. The patch antennas are fed using the co-axial probe feeding technique. The proposed antennas provide impedance bandwidths of 50% and 56.25% of the center frequency, and the results show that the return loss is under -10 dB. The proposed antennas are intended especially for satellite communications.

Width Calculation (W)

The rapidly growing development in the area of wireless communication leads to the miniaturization of device size without compromising good operational capabilities. The antenna is one of the basic needs of any wireless communication. To use an antenna in a reduced-size communication device, the antenna structure should also be trimmed without affecting its performance. In this regard the patch antenna plays a vital role because of its low profile, light weight, low volume, conformability, low cost and easy integration with microwave integrated circuits [1]. The applications of patch antennas are many: Global Positioning System, WiMax, mobile and satellite communication, radar and rectenna applications, etc. [2]. The microstrip patch antenna also has disadvantages: narrow bandwidth, excitation of surface waves, low efficiency, etc. [1]. Much research has already been done to improve the bandwidth and reduce the disadvantages of the patch antenna, and differently shaped patch antennas have been proposed to overcome these limitations. This work designs two high-bandwidth Connected


The dimensions of the patch along its length are extended on each end by a distance ΔL, which is a function of the effective dielectric constant εeff and the width-to-height ratio (W/h). Calculation of the effective length (Leff):

Calculation of the effective dielectric constant:

εeff = (εr + 1)/2 + ((εr - 1)/2) (1 + 12 h/W)^(-1/2)    (3)

Calculation of the length extension (ΔL):

ΔL = 0.412 h ((εeff + 0.3)(W/h + 0.264)) / ((εeff - 0.258)(W/h + 0.8))    (4)

TABLE I: Proposed Connected E-H shape Patch Antenna Design Parameters

Antenna Design Parameter                   Material / value
Dielectric Material                        RT Duroid
Dielectric Constant (εr)                   2.2
Loss Tangent                               9.0e-4
Height of Substrate (Thickness) (h) (mm)   1.8161
Width of the Patch (W) (mm)                34.9
Length of the Patch (L) (mm)               28.7
Frequency of operation (GHz)               3.4
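The design values in Table I can be reproduced with the standard transmission-line model of a rectangular microstrip patch; the width formula below is the textbook one and is assumed here, since it is not legible in the extracted text:

```python
from math import sqrt

def patch_dimensions(f0, eps_r, h):
    """Transmission-line-model design of a rectangular microstrip patch.
    f0 in Hz, h in metres; returns width W and physical length L in metres."""
    c = 3e8  # free-space speed of light, m/s
    # standard width formula (assumed; not legible in the text)
    W = c / (2 * f0) * sqrt(2 / (eps_r + 1))
    # effective dielectric constant, eq. (3)
    eps_eff = (eps_r + 1) / 2 + (eps_r - 1) / 2 / sqrt(1 + 12 * h / W)
    # length extension, eq. (4)
    dL = 0.412 * h * ((eps_eff + 0.3) * (W / h + 0.264)) / \
         ((eps_eff - 0.258) * (W / h + 0.8))
    # physical length from Leff = L + 2*dL, eq. (5)
    L = c / (2 * f0 * sqrt(eps_eff)) - 2 * dL
    return W, L

W, L = patch_dimensions(3.4e9, 2.2, 1.8161e-3)
```

With f0 = 3.4 GHz, εr = 2.2 and h = 1.8161 mm this gives W ≈ 34.9 mm and L ≈ 28.7 mm, in agreement with Table I.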

B. GEOMETRY OF THE E-SHAPED PATCH ANTENNA

The E-shaped microstrip patch antenna is also simpler inconstruction. The geometry is shown in Fig. 2. Patch is alsodesigned and simulated over Sonnet Software.

Calculation of the actual length of the patch (L): the actual length can be determined from

Leff = L + 2ΔL    (5)
III.

GEOMETRY OF PATCH ANTENNAS

A.

GEOMETRY OF THE CONNECTED E-H SHAPED

PATCH
The Connected E-H shaped microstrip patch antenna is simple in construction. The geometry is shown in Fig. 1 with a box-wall port, the most common type of port, which uses a reference plane to remove transmission-line effects. The patch is designed and simulated in Sonnet Software, a planar 3D electromagnetic simulator.
Figure 2. Top view of the E-shaped antenna

Input Impedance Curve

In this research, two broadbanding techniques are the

Proposed Connected E-H shape Patch Antenna

The results are explained in terms of the return loss and input impedance; the current density on the antenna is also shown.
1.

Return Loss Curve

The first important parameter for calculating the bandwidth of the antenna structure is its S11 in decibels versus frequency. The antenna is fed at the point where the return loss is minimized. The return loss curve of the designed antenna is presented in Fig. 3, with a minimum S11 level of -30.39 dB shown in the m3 caption. The figure shows that the antenna resonates in the 3.4 GHz band.

The VSWR = 2 circle is indicated by the red circle. The input impedance curve gives the magnitude, phase angle and VSWR of the input impedance of the antenna at the respective frequencies.
3. Current density diagram
The physical meaning of the current density distribution is that it is a measure of how the antenna produces a beam.


The bandwidth increases as the substrate thickness rises [4]. Here the thickness of the proposed Connected E-H shape patch is higher than that of the proposed E-shape, yet the E-shape patch antenna obtained the higher bandwidth. The size of the patch increases as the frequency decreases [4]; since the resonating frequency of the Connected E-H patch is slightly higher than that of the E-shape, the proposed Connected E-H shape is smaller than the E-shape. Increasing the substrate thickness reduces conductor and dielectric losses [4]; in this case the E-shape patch has some conductor and dielectric losses. As the substrate thickness increases, the surface-wave power increases, limiting the efficiency [4]; on the other hand, the quality factor Q of the patch decreases [4], which increases efficiency [1]. As a result, the efficiency problem of the Connected E-H shape is slightly reduced. As the substrate thickness decreases, the effect of the conductor and dielectric losses becomes more severe, limiting the efficiency [4]. For a substrate with a moderate relative permittivity such as εr = 2.2, the efficiency is maximized [4], and a dielectric constant of 2.2 is used in both the Connected E-H and E-shape patch antennas. Finally, the efficiency of both shapes is maximal, with no conductor and dielectric losses or surface-wave excitation.

Figure 7. Input impedance curve of E-shaped patch antenna


The bandwidth of the proposed Connected E-H shape patch is higher than that of any existing Connected E-H shape, and the proposed E-shape patch is higher than any existing E-shaped patch antenna. It was seen that the bandwidth of the proposed E-shaped patch is better than that of the Connected E-H shaped patch antenna.

Technology University, Noakhali, Bangladesh. His research

VII. FUTURE SCOPES

Dr. Mohammed Humayun Kabir

received B.Sc. (Honors) and M.Sc. degrees in 1993 and 1995 respectively from the Department of Applied Physics and Electronics, the University of Dhaka, Bangladesh. He received his Ph.D. in system engineering from the Department of Electrical and Electronic Engineering, Kitami Institute of Technology, Hokkaido, Japan. He was a Lecturer and an Assistant Professor in Computer Science and Information Technology at the University of Comilla, Bangladesh. He is working as an Associate Professor and head of the Department of Computer Science and Telecommunication Engineering at Noakhali Science and Technology University, Noakhali, Bangladesh. His research work concerned Power System Engineering; now his research concerns Communication Engineering.

1. Increase the bandwidth further by reducing the patch antenna size using a substrate with a higher dielectric constant.
2. Vary the feed elements to optimize the patch antenna.
ACKNOWLEDGMENT
The authors would like to express their sincere thanks to the University Grants Commission of Bangladesh for sponsoring this research work.
REFERENCES
[1]

Prof. Dr. Sandro M. Radicella, Prof. Dr. Ryszard

Md. Javed Hossain received his

B.Sc. (Honors) and M.Sc. degrees respectively from the Department of Applied Physics, Electronics and Communication Engineering, Dhaka University, Bangladesh. He received a Diploma on Semiconductor Technology from the Institute of Scientific and Industrial Research (ISIR), Osaka University, Japan. He completed his one-year MS degree at the Department of Electrical, Electronic and Information Engineering, Wonkwang University, South Korea. He taught Computer Science courses at Atish Dipankar University of Science and Technology and the National University of Bangladesh for 6 years. His research interests include digital signal processing, fuzzy logic and wireless communication systems. He has been serving as an Associate Professor in the Computer Science and Telecommunication Engineering Department of Noakhali Science and Technology University, Bangladesh since 8 September 2013.

Dr. Md. Ashikur Rahman Khan has been with the Department of Information and Communication Technology at Noakhali Science and Technology University since 2006, and is currently an Associate Professor. Formerly, he worked as an Assistant Engineer in the Inspection and Testing Directorate of the Rural Electrification Board, Bangladesh, during 2001-2005. He obtained a Bachelor of Science in Mechanical Engineering from Rajshahi University of Engineering and Technology, Bangladesh; a Master of Science in Mechanical Engineering from Bangladesh University of Engineering and Technology, Bangladesh; and a Ph.D. degree from University Malaysia Pahang, Malaysia. His research interests include


Deployment of Matrix Transpose in Digital Image Encryption

Abstract: Encryption is used to conceal information from prying eyes. Presently, information and data encryption are common due to the volume of data and information in transit across the globe on a daily basis. Image encryption, however, is yet to receive the attention from researchers that it deserves; in other words, video and multimedia documents are exposed to unauthorized access. The authors propose image encryption using matrix transpose. An algorithm that allows image encryption is developed. In the proposed technique, the image to be encrypted is split into parts based on the image size, and each part is encrypted separately using matrix transpose. The actual encryption operates on the picture elements (pixels) that make up the image. After encrypting each part of the image, the positions of the encrypted parts are swapped before the image is transmitted. Swapping the positions of the parts makes the encrypted image more robust against cryptanalysis.

Keywords: Transpose; Image Encryption; Matrices; Pixel; Matrix

I. INTRODUCTION

Image processing is a method used to convert an image into digital form; some operations, such as rotate, resize, and transform, are usually performed on it. The aim of carrying out operations on an image is to obtain an enhanced image or to extract useful information from it for further use. An image is a type of signal dispensation in which the input is an image, such as a photograph, and the output may be an image or some characteristics associated with that image. Image processing systems usually treat images as two-dimensional signals and apply established signal processing methods to them. Images, like text, can be encrypted. Encryption transforms plaintext messages into ciphertext messages. In earlier days, securing information was carried out only on text-related information. Today, with the proliferation of video and multimedia documents on the Internet, there is a need to also secure image documents from unauthorized access. Images are represented using pixels, which can be represented mathematically using matrices. In image encryption, an encryption algorithm transforms an image into a form that cannot be recognized as the original image. The authors here propose a new image encryption technique that deploys matrix transpose to encrypt image pixels.

II. RELATED LITERATURE

Reference [1] stated that all images consist of pixels. These pixels may have values in double or byte. An image is represented, for all mathematical purposes, as a matrix: the matrix equivalent of an image of size N x M pixels is an N x M matrix, where each pixel corresponds to an element of that matrix. This is a two-dimensional image. For a typical colour image such as an RGB image, the matrix representation is three-dimensional; the additional dimension carries the red, green, and blue proportions of the otherwise two-dimensional grayscale image.

A pixel is the smallest element of an image, and each pixel corresponds to one value. In an 8-bit grayscale image, the value of a pixel is between 0 and 255 (2^8 levels). The value of a pixel at any point corresponds to the intensity of the light photons striking that point; each pixel stores a value proportional to the light intensity at that particular location. In a given picture there may be thousands of pixels, which together form the image; when the image is zoomed, it usually reveals the pixel divisions. Note that a digital image is composed of a finite number of elements, each of which has a particular location (x, y) and value f(x, y). These elements are called picture elements, image elements, or pixels; pixel is the term used most widely to denote the elements of a digital image [2].

Vol. 13, No. 6, June 2015

III. IMAGE ENCRYPTION PROCESS

A picture can be encrypted in the same way that text usually is: a sequence of mathematical operations on the binary data that comprises the image may be deployed to carry out an encryption process. This can be achieved by changing the values of the numbers contained in the image in a given manner, which scrambles the image and renders it unrecognizable.

Reference [3] pointed out that a secure image encryption algorithm based on the Rubik's cube principle uses two secret keys whose lengths equal the number of rows and columns of the plaintext image; following the Rubik's cube principle, the image pixels are scrambled, and then an XOR operator is applied to the rows and columns.
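The row/column XOR step that [3] describes can be sketched roughly as follows. This is a simplified single-pass illustration with made-up key values, not the full Rubik's-cube scheme:

```python
# Sketch: XOR every pixel in row r with a row key K_R[r], then every
# pixel in column c with a column key K_C[c]. Because XOR is its own
# inverse, applying the identical pass again restores the image.
image = [
    [10, 20, 30],
    [40, 50, 60],
]
K_R = [111, 222]        # one byte key per row    (illustrative values)
K_C = [13, 57, 99]      # one byte key per column (illustrative values)

def xor_pass(img):
    rows_done = [[p ^ K_R[r] for p in row] for r, row in enumerate(img)]
    return [[p ^ K_C[c] for c, p in enumerate(row)] for row in rows_done]

cipher = xor_pass(image)
assert cipher != image            # pixel values are changed...
assert xor_pass(cipher) == image  # ...and the same pass decrypts
```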

IV. IMAGE ENCRYPTION SOFTWARE

Today, some major computer operating systems come with some form of encryption software. For instance, Microsoft provides BitLocker as part of its encryption with Windows 7, while Mac OS X comes with FileVault. Dropbox, PowerFolder, and Cloudfogger are online file storage systems that include encryption as part of their data security. Some encryption software allows images to be batch processed, while other software does not. Most encryption software can handle common image files such as BMP, TIF, RAW, PSD, and JPG. Some image processing software is open source and can be downloaded from the Internet freely; other software is only available on payment of the marketer's agreed fee. One of the most popular image processing packages is Matrix Laboratory (MATLAB), which is usually licensed.

Reference [4] observed that the tried-and-true method of adding encryption to a picture is through steganography, the art of creating hidden images. In the digital world, this is done by methods such as least-significant bits in bitmap images or flashing subliminal messages in a video stream. Steganography is very useful for putting digital watermarks in an image. A watermark is typically used to identify ownership of the copyright of the signal in which it appears; it is most often used by software companies to prevent users from continuous free usage of their software. As digital audio, video, images, and documents are transmitted through cyberspace to their respective destinations, some individuals may choose to intercept and take this content for themselves. Digital watermarking and steganography technology greatly reduce such instances by limiting or eliminating the ability of third parties to decipher the content of the information [5].

V. SELECTIVE IMAGE ENCRYPTION

In selective encryption, only some contents of the image are encrypted. Encrypting only part of the entire image reduces the execution time; consequently, selective encryption is sometimes called partial encryption. This algorithm provides security to the image while leaving some part of the image visible [6]. Today, millions of images are transmitted in seconds across the globe, and as such, the security of images is becoming a major concern to businesses across the world. Encryption is a solution to the security concern of transmitted images. The security of an image can be achieved by various types of encryption schemes, and different algorithms have been proposed. Among these, the chaos-based methods are considered more reliable and promising; however, they are complex in nature. Chaotic image encryption can be developed using properties of chaos, including deterministic dynamics and unpredictable behaviour. There are three kinds of encryption techniques, namely substitution, transposition (permutation), and techniques that combine both transposition and substitution. Substitution schemes change the pixel values, while permutation schemes just shuffle the pixel values based on the algorithm; in some cases both methods are combined to improve security.

VI. MATRICES IN DIGITAL IMAGE ENCRYPTION

Image encryption is a new phenomenon in the encryption process, unlike text encryption, which has existed from time immemorial. Several researchers have proposed image encryption techniques. Digital images are recorded as many numbers: the image is divided into a matrix or array of small picture elements, or pixels, and each pixel is represented by a numerical value. Digital images have the advantage that they can be processed in many ways by computer systems. Here, we propose the deployment of matrices in digital image encryption. Reference [7] pointed out that an identity matrix, denoted I_n, is characterized by a diagonal of 1's surrounded by zeros in a square matrix. When a vector is multiplied by an identity matrix of the same dimension, the product is the vector itself: I_n v = v.

VII. USING MATRIX FOR IMAGE ENCRYPTION

Reference [8] noted that the transpose of a doubly indexed object is the object obtained by replacing all elements a_ij with a_ji. For a second-rank tensor a_ij, the tensor transpose is simply a_ji. The matrix transpose, most commonly written A^T, is the matrix obtained by exchanging the rows and columns of A, and it satisfies the identity (A^T)^T = A.

The proposed algorithm for deploying matrix transpose in image encryption is as below:

i. Divide the image into parts P_i, i = 1, 2, 3, ..., n.
ii. Assign each part P_i to a matrix M_i, i = 1, 2, 3, ..., n.
iii. Read the picture elements (pixels) of each matrix M_i.
iv. Encrypt each matrix of pixels by carrying out the matrix transpose, M_i^T.
v. Swap the positions of the transposed matrices.
vi. Note that (M_i^T)^T = M_i; this identity is used for decryption.
vii. Output the matrices M_i^T as the encrypted image.

The decryption process is the reverse of the encryption algorithm outlined above. It starts from the output and carries out the inverse transpose of each individual matrix; after this, the pixel values are decrypted and reordered accordingly to arrive at the original matrix pixel values.

VIII. COMPARISON BETWEEN IMAGE ENCRYPTION USING MATRIX TRANSPOSE AND SELECTIVE IMAGE ENCRYPTION

Selective image encryption encrypts only some part of the image, leaving other parts unencrypted. This gives an adversary the advantage of using the unencrypted part to recognize the original image easily. There is no doubt that selective image encryption may be easier to implement, but since the security of the image is of utmost importance, matrix transpose image encryption is more robust in terms of securing images to be transmitted across the globe.

IX. CONCLUSION

Encrypting images is as important as encrypting text messages. Today, text message encryption has had a fair deal of research carried out in that area; the same cannot be said of image encryption. For now, only a few researchers are interested in image encryption, and as such, the literature is limited. The proposed image encryption technique that deploys matrix transpose allows the encryption of the entire image, unlike selective image encryption, which encrypts only part of the image.

REFERENCES
[1] B. Upendra, G. Shubhashish, "Analysis and Implementation of," for the award of the degree of Bachelor of Technology at National Institute of Technology Rourkela, India, 2010. Available: www.ethesis.nitrkl.ac.in
[7] P. Tom, "Properties of Matrices," Lecture Notes on Matrices and Operations, 2015. Available: www.tomzap.com/notes
[8] E. W. Weisstein, "Transpose," Wolfram MathWorld, 2004. Available: http://mathworld.wolfram.com/


Using Handheld Mobile System To Address Illiteracy

M. Samir Abou El-Seoud
Faculty of Informatics and Computer Science
The British University in Egypt (BUE), Cairo, Egypt
samir.elseoud@bue.edu.eg

AbdelGhani Karkar
Dept. of Computer Science and Engineering
Qatar University, Doha, Qatar
a.karkar@qu.edu.qa

Amal Dandashi
Dept. of Computer Science and Engineering
Qatar University, Doha, Qatar
amaldandashi@gmail.com

Islam Taj-Eddin
Academic Researcher and Computer Science Specialist
Cairo, Egypt
islam_t@hotmail.com

Jihad Al Jaam
Dept. of Computer Science and Engineering
Qatar University, Doha, Qatar
jaam@qu.edu.qa

Abstract: Handheld device systems have been used as tools for teaching people with special needs, owing to the cognitive enhancement afforded by multimedia, attractive graphics, and user-friendly navigation. Can a handheld device system, such as a cellular phone, be used for teaching illiterate people? This paper explores and exploits the possibility of developing an educational mobile system to help illiterate people in Egypt.

Index Terms: Graphical User Interface; Audio; Graphics;

I. INTRODUCTION

Literacy can be defined in many ways. The U.N. defines a literate person as someone who can, with understanding, both read and write a short simple statement in his or her everyday life [19]. Learning alphabetic letters can be more difficult than learning numbers for illiterate people [14].

In Egypt, the total number of illiterate people aged 10 years or more exceeded 16 million in 2012, according to the Egyptian Central Agency for Public Mobilization and Statistics (CAPMAS) [7]. According to [8], there are 112.81 mobile phones per 100 Egyptian citizens.

Although the number of illiterate people around the world is estimated at 800 million, they can still use mobile phones appropriately. To the best knowledge of the authors, little research has been done to understand the reasons behind that. Most illiterate people are from developing countries, and females represent a high percentage of the 800 million [2].

The flexible business model of the mobile phone has proved viable, particularly in developing countries. Despite infrastructural shortcomings, the high cost of ownership, and the limited power available for charging devices, mobile devices have widely penetrated society at all levels [2].

The nature of current technological advances in the mobile phone domain generally suggests that the cost of smartphones will decrease for customers, including those in developing countries. Recently, cheap Chinese versions of Android-based devices have appeared in the Egyptian market, and smartphones are expected to become more affordable to lower-income segments in the future.

With the international effort to eliminate illiteracy, problems related to inequality have deepened. For instance, in Egypt, children of different social backgrounds do not have equal opportunities to learn and reap benefits; furthermore, they are trapped and cannot get out of the vicious circle of poverty.

Egypt has recognized that eliminating illiteracy is one of its core development pillars. Despite the efforts made in past decades under different governments, education remains a challenge. Even though the percentage of illiteracy is decreasing, the number of people struggling to


read and write is increasing. This is an indication that there are issues with the implemented educational policies; one of these issues is the approach and the way the students are taught.

In a previous work [15][16], the authors proposed a system to teach deaf people using cell phone technology. In this paper, the authors expand and re-use their previous work on teaching deaf people to teach the Arabic alphabet to Egyptian illiterate people.

The authors found online products that teach the Arabic alphabet to non-Arabic-speaking people [4][5][6]. To the best knowledge of the authors, no studies have centered on teaching the Arabic alphabet to Arabic-speaking illiterate people using mobile systems. The authors realize that the problem of teaching the Arabic alphabet to Egyptian illiterate people should be divided into two steps:

First, gathering baseline data on how illiterate people recognize and react to the mobile interface;
Next, based on the information gathered from the previous step, developing a suggested system.

The study will concentrate on the first part and will pave the ground for the second part in a sequel paper.

II. DATA GATHERING

The objective of this section is to gather baseline data about the effectiveness and usability of the mobile interface. The two experiments are conducted using a Samsung device running the Android operating system and containing the ePhone application; see figure 1. As mentioned in the introduction, the target of this study is to gather baseline data on how illiterate people recognize and react to the mobile interface. This empirical study involves five novice illiterate participants, none of whom has any previous background in using mobile phones. Some other empirical studies involve only seven novice participants [1]; for some empirical investigations, the baseline data is more important than the number of participants, and the baseline data will be used for further investigations that involve more participants. The profile of the five novice illiterate participants is shown in Table I.

Figure 1. Smart phone mobile numbers call interface

TABLE I. ILLITERATE PARTICIPANTS CHARACTERISTICS

Participant | Experience level | Age group | Gender
P1          | Novice           | 21-34     | Male
P2          | Novice           | 35-65     | Female
P3          | Novice           | 12-20     | Female
P4          | Novice           | 21-34     | Male
P5          | Novice           | 35-65     | Female

A. First Experiment

The experiment starts with an introduction explaining what tasks need to be performed by the participant. The tasks are:

First, dial a specific number;
Next, talk for a few seconds;
Last, exit the call.

The results of the tasks for the five participants (see Table I) are shown in figure 2. The results show the dialing and calling (i.e., talking) times in seconds for every participant, plus the average. It is clear from figure 2 that the dialing time is substantially greater.

Figure 2. The results of the tasks for the five illiterate participants, plus the average of the dialing time and calling (i.e., talking) time.

After the participant finishes the experiment, general feedback will be discussed with the participants. The general feedback discussion will focus on:
- How well do participants read and understand icons?
- Which icons were problematic, and why?
- What do participants think of the overall performance of the application?

B. Second Experiment

The experiment starts with an introduction explaining what tasks need to be performed by the participant. The tasks are:

First, start a game;

Next, go through the levels until reaching the results;
Last, start another round.

After the participant finishes the experiment, general feedback will be discussed with the participants. The general feedback discussion will focus on:
- How flexible is the navigation/usage of the developed application?
- Does it satisfy the needs and requirements of the test subject?
- Does it provide an understandable interface with minimal knowledge requirements?
- What possible usability/understanding errors could arise from the test?
- How tolerable are these errors, and how can they be fixed in favor of higher usability?
- Are the test subjects able to go through the application from start to finish seamlessly?

The results of the tasks for the five participants (see Table I) are shown in Table II and Table III. Table II shows the types of errors every participant committed when performing a certain task; the error types and their mitigation are described in Table III.

TABLE II. RESULTS OF THE SECOND EXPERIMENT

Participant | Task                                       | Type of errors | Time of each interface (approx.)
P1          | Start The Game                             | 0              | 1 second
P1          | Playing The Game                           | 3              | 4 seconds
P1          | Reach Results Screen & Start Another Round | 2              | 2 seconds
P2          | Start The Game                             | 0              | 1 second
P2          | Playing The Game                           | 0              | 10 seconds
P2          | Reach Results Screen & Start Another Round | 0              | 3 seconds
P3          | Start The Game                             | 0              | 1 second
P3          | Playing The Game                           | 2              | 3 seconds
P3          | Reach Results Screen & Start Another Round | 2              | 5 seconds
P4          | Start The Game                             | 0              | 1 second
P4          | Playing The Game                           | 0              | 5 seconds
P4          | Reach Results Screen & Start Another Round | 0              | 2 seconds
P5          | Start The Game                             | 0              | 1 second
P5          | Playing The Game                           | 0              | 6 seconds
P5          | Reach Results Screen & Start Another Round | 0              | 3 seconds

TABLE III. TYPES OF ERRORS AND THEIR MITIGATION FOR THE SECOND EXPERIMENT

Type | Error             | Mitigation method                                                                  | Level
1    | Inefficient Click | The finger size of the participant is to be considered                            | Irritant
2    | Wrong Answer      | Installing a voice narrator that instructs the participants                       | Irritant
3    | Rapid Clicks      | Adding a sound effect to their clicks so participants quickly adapt to the program | Moderate

C. General Feedback

The general feedback discussion of both experiment 1 and experiment 2 with the five participants shows that:

1) Small icon confusion: The participants did not know where to click to create a new contact. After hesitating for a few seconds and searching for the icon, owing to its size, they finally identified the icon that leads to the new contact page.

2) Multiple clicks: The participants clicked twice on the send button in order to send the message. The first time, the participants pressed the button while the screen keypad was open; they attempted once more after closing the keypad.

3) Recognition delay: The participants pressed on an image, thinking it was a button; however, they immediately realized what it was and clicked the actual call button. When attempting to exit the application, they took a while to recognize which icon performs that action, since it is the only icon that has no description.

4) Small icon recognition: Delay leading to hesitation. The icon for creating a new contact is relatively small in comparison to the other buttons. The participants invested quite some time searching for the icon in order to create a new contact, hesitating and going back and forth in the application pages to find where the task should be performed.

III. PROPOSED SYSTEM

Users interact with mobile applications through different graphical user interface (GUI) components such as buttons, icons, and nested menus. Controversial user interface (UI) topics include the inclusion [18] or exclusion [3][10] of text labels, and the use of drawings [9] instead of icons. Common UI components (the concept of soft keys, vertical scrollbars, short text labels [11][12], and the concept of a focus in lists [20]) were described as hard to understand [2]. Chipchase's work [13] shows that illiterate users could perform tasks such as turning on their phones and accepting

incoming calls, whereas dialing numbers to make outgoing calls proved difficult for some. However, simple tasks such as changing the clock or sending a message could be easy for some illiterate users through memorizing the steps. In that respect, it is important to understand the causes of all these problems while interacting with the mobile phone. We should take into consideration that mobile devices will be rapidly penetrating the market of developing countries, targeting the majority of the population, and could help support the education of illiterate people.

The participants in the experiment mainly faced critical errors which would either lead them to invest too much of their time in performing a particular task or even to end up discarding the task. The time spent on each task exemplifies the delay that challenged participants face when performing a particular task.

To design an interface for illiterate Arabic-speaking people, a number of changes need to be considered in the GUIs. It has been recommended to:
- Avoid long text, i.e., minimize text reliance.
- Provide exposure to text in conjunction with audio. The developer should state underneath the symbol, or via a yellow tool-tip text, what a particular button does; that approach is more suitable for the barely educated than for the illiterate.
- Make extensive use of pictures, shapes, handwriting, special signs, and colors. Audio and graphic support in GUIs is extremely valuable for illiterate users.
- Increase the size of each icon and clarify what it is used for, since illiterate persons may not understand the icon's symbol. The users were able to read and recognize nearly all icons except the create-new-contact icon, which caused quite some delay for the user; the problem with that icon was that it was too small and did not have a statement of any sort saying what it does.
- Aim to use more recognizable icons instead of menus; the proposed system should require the least possible amount of memorization from the illiterate users.

IV. DESIGN OF THE PROPOSED SYSTEM

Based on the previous results of [14] and [17], a mobile application will be designed. The mobile application consists mainly of five components, as shown in figure 3:

1) Page Loader: contains the list of games;
2) Data Keeper: this is the game engine. It has a score counter that counts the time, the number of mistakes, and the number of correct answers; the game also stores whether the user selected the correct answer on the first attempt;
3) Game Keeper: responsible for reading the score achieved in the game and storing it in the database;
4) Performance Tracker: responsible for reading stored score information and displaying it according to the attempts made by the user;
5) Audio Player: responsible for playing suitable audio files related to the opened page, in addition to providing audio feedback to the user after playing the game. Without any loss of generality, from now on all snapshots of the mobile application will have audio interaction between the user and the mobile application, even if not explicitly mentioned;
6) Multimedia Generator: which takes as input

Figure 3. System components (need to add component of multimedia generator)

A. System Architecture

The system is composed mainly of two parts: the application server, which contains all mobile resources (e.g., pages, games, database), and the mobile application, which sends queries to the server to load the required resource elements, as shown in figure 4.

Figure 4. System architecture
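A minimal sketch of the score bookkeeping that the Data Keeper component is described as performing; the class and field names here are hypothetical, for illustration only:

```python
# Hypothetical score counter mirroring the Data Keeper description:
# it tracks elapsed time, mistakes, correct answers, and whether the
# correct answer was selected on the first attempt.
class ScoreCounter:
    def __init__(self):
        self.elapsed_seconds = 0
        self.mistakes = 0
        self.correct = 0
        self.correct_first_try = 0

    def record(self, is_correct, first_attempt):
        if is_correct:
            self.correct += 1
            if first_attempt:
                self.correct_first_try += 1
        else:
            self.mistakes += 1

score = ScoreCounter()
score.record(True, first_attempt=True)    # right on the first try
score.record(False, first_attempt=True)   # a mistake
score.record(True, first_attempt=False)   # right after retrying
assert (score.correct, score.mistakes, score.correct_first_try) == (2, 1, 1)
```

The Game Keeper and Performance Tracker would then persist and display such a record per game round.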


B. Snapshots

Snapshot-1
When the mobile application is launched, the main screen is displayed, which allows the user to access the basic buttons and listen to the recorded voice associated with them, as shown in figure 5.

Figure 5. Snapshot-1

Snapshot-2
By clicking the icon of the boy playing football, on the top row in Snapshot 1, the screen shown in figure 6 is displayed. The icon in the upper row can be clicked to go back to the previous screen.

Figure 6. Snapshot-2

Snapshot-3
When the user clicks the icon "possible" (Arabic: "Momken"), it becomes possible to click the icon "drink" (Arabic: "Ashrab") located in the middle; a collection of drink flavors is then displayed to allow the user to select the flavor he wants, as shown in figure 7.

Figure 7. Snapshot-3

Snapshot-4
Various icons that have particular meanings are displayed in the mobile application. If the user presses and holds any button for two seconds, a loading progress indicator appears on the button and an explanatory voice record is played which explains the usage of the button, as shown in figure 8.

Figure 8. Snapshot-4

Snapshot-5
When the user enters the learning mode in the application, it loads the progress of the user stored in the mobile. The application starts by reading the available options by playing audio files and waits for the user to choose one: 1) study the Arabic numbers; 2) study the Arabic letters; 3) input Arabic text to retrieve multimedia elements; and 4) play games to evaluate what the user has learned, as shown in figure 9.

Figure 9. Snapshot-5


Figure 10. Snapshot-6

Snapshot-7
After watching the lesson, the user can play games related to the lesson for self-evaluation. Screens A and B, shown in figure 11, show two different game evaluation pages that evaluate what the user learned about the enumeration of objects. In screen A, the user is asked to select the appropriate number presented by the hand; in screen B, he is asked to sort the numbers drawn on eggs into the right order.

Figure 11. Snapshot-7

Snapshot-8
Screens A and B, shown in figure 12, are two more game pages that evaluate what the user has learned about the order of the days of the week. In screen A, the user is asked to sort the days by selecting the appropriate day written on a mushroom. In screen B, the user is required to see which day the boy is asking for and select the appropriate day written on each leaf.

Snapshot-9
Screens A and B, shown in figure 13, are pages used to teach the user the Arabic letters. The application recites the Arabic letters, as shown in screen A; then several examples are given for each letter, as shown in screen B.

Figure 13. Snapshot-9

Snapshot-10
Screens A and B, shown in figure 14, represent a game that evaluates the user through various questions in different styles about what has been learned about the Arabic alphabet. In screen A, the user is asked to select the image whose name starts with the presented letter. In screen B, the user is requested to connect the appropriate letter with the corresponding image whose name starts with that letter.

Figure 14. Snapshot-10

Snapshot-11
After watching the adding-process lesson, the user can play games related to that lesson for self-evaluation, as


shown in figure 15. The user is asked to select the correct answer from the presented numbers.

Figure 15. Snapshot-11

Snapshot-12
Snapshot 12, shown in figure 16, is an animated cartoon lesson about the days of the week. It gives a full explanation of how to pronounce the days in order and how they are ordered. The lesson explains how the days are sorted by constructing and connecting train parts in order, according to the day written on each part.

Figure 16. Snapshot-12

Snapshot-13
Snapshot 13, shown in figure 17, demonstrates an example of the feedback a user would get after entering Arabic text into the system that translates as, "A rabbit has brown or white fur. It eats carrots and moves around by jumping."

Snapshot-14
After playing the game, feedback results will be displayed for the user in both written and audio form, as shown in figure 18. The score is divided into three fields:

a) completion time (in ms),
b) number of correct answers from the first attempt,
c) number of wrong answers.

Figure 18. Snapshot-14

V. CONCLUSION

A number of studies have concurred that the current mobile phone user interface design is not suitable for illiterate individuals [14]. They found that utilizing audio and graphic support in user interfaces is highly valuable for enhanced cognition and usage friendliness for illiterate people [14].

The study of the relation between illiterate and semi-literate people and their society, in the context of using mobile phones, is still at its beginning stages. The rapid technical development and the changing market of mobile phones certainly increase opportunities for illiterate individuals in terms of cognition and communication.

The use of enhanced GUI systems, complemented with multimedia support such as audio, images, and video, enhances the usage experience for people with literacy-related challenges. In this study, the authors paved the ground for the proposed system to be investigated in a sequel paper.

REFERENCES
[1]

Abstract: A friendly interface is necessary to make a system more efficient and effective. The development of Urdu recognition is a key element of research, as it provides an efficient and natural way of input to the computer. This paper presents a framework based on Urdu layout analysis and the recognition of handwritten digits and text images using different techniques. From the survey of work on Urdu documents, the following conclusions are drawn regarding the data sets, techniques and algorithms: the most widely used technique is the HMM, and the data sets involve training sets containing images of different styles and sizes as well as handwritten text.
Keywords: HMM, Urdu documents, Rule based Approach

I. INTRODUCTION
To make systems more efficient, there should be a friendlier interface, so that the user can interact with the computer without trouble. Much research has been carried out to make human-computer interaction increasingly responsive. The improvement of Urdu recognition is a key element of this research, as it provides an efficient and natural way of input to the computer. Urdu is the national language of Pakistan and is spoken in more than 22 states, with almost 60 million native speakers. It contains 38 letters, of which 17 have dots either above or beneath them. Urdu script is written from right to left. The most popular script for writing the Urdu language is Nastaleeq, developed from two different scripts, Naskh and Taleeq. This paper presents a framework based on Urdu layout analysis and the recognition of handwritten digits and text images using different procedures. The capability of a computer to understand handwritten and scanned documents is important, as it can enable efficient research.

The process of ascertaining layout arrangements by investigating page images is called layout analysis; it can be physical or logical. Here we present a layout analysis system for Urdu document images that extracts text lines in reading order. Handwritten numeral recognition suffers from the similarity between handwritten numerals and from the dual writing style of Urdu. Image understanding is concerned with the extraction of semantic information from a document. To navigate through documents, a Table of Contents (ToC) is used, which enables a person to steer through a large volume of scanned pages efficiently. This paper offers a quick analysis of various approaches in the areas related to ToC extraction: ToC page detection, ToC parsing, and linking the actual pages with the recognized parts are the three areas into which ToC research can be divided.

In this paper we present different recognition techniques for handwritten text images, including word-level, HMM, complete-level and annotation approaches. BPNN is used for offline handwritten Urdu digits; for online recognition, STNN, OLUCR, tree-based dictionary search and an Intuos Wacom board are used. Neural networks are used for Urdu-script OCR, and the morphology technique for the pattern-matching approach. Smoothing techniques and a bigram NER tagger are used for multi-font numeral recognition of Urdu script. Fuzzy linguistic, HMM and hybrid approaches are used for the extraction of named entities (NEs) from text; HMM and hybrid approaches are presented for both domains of multi-font numeral recognition. A database-retrieval approach is used for word spotting in scanned Urdu documents. We describe the problems in the recognition of handwritten and scanned text images in Urdu script, and the solutions obtained by applying the above-mentioned techniques in the proposed approach.

The remainder of the paper is organized as follows: Section II describes the related work on Urdu documents, Section III presents the analysis of all the surveyed research papers, Section IV contains the conclusion, Section V describes the future work, and the references are provided at the end.

II. LITERATURE REVIEW
This section contains a brief explanation of all the research papers that were analyzed.
A) Online Urdu Character Recognition System [1]


A new system is introduced which focuses on online Urdu character recognition using a segmentation-free technique, that is, the recognition of one complete word rather than every single character; these words, when combined together, formulate the complete sentence. The technique mainly involves a BPNN (Back Propagation Neural Network) for training on the dataset. Although the proposed system is very efficient, there is a lot more to discuss, and future work can still make further advancements in this field of human-computer interaction.

B) Optical Character Recognition System for Urdu (Naskh Font) Using Pattern Matching Technique [2]
This research paper focuses on offline OCR for the Naskh font of the Urdu language. The new system works by matching the pixel values of models already in storage against the pixel values of the character images to be recognized. The pattern-matching method for optical recognition, on which the dataset is trained, is described for the proposed system. The algorithms used for the recognition system are chain code calculation, line segmentation and character segmentation.

C) A Framework for Word Spotting in Scanned Urdu Documents by Exploiting the Dot Orientation [3]
This paper presents a data-reduction framework for scanned Urdu documents based on exploiting dot orientation for word spotting. Due to the higher number of dots in the Urdu alphabet (compared to English) and the ease of calculation, dot orientation proved to be a good choice for word spotting, as demonstrated in the paper. The proposed algorithm implements five phases: document tilt removal, dot spotting, the dot character database, text size variation, and word spotting. The algorithm was applied to different documents and results were generated.

D) OCR-Free Table of Contents Detection in Urdu Books [4]
This paper reports an initial effort to address the task of identifying the table of contents of old documents that cannot be processed using OCR technologies. The research presented in the paper deals with ToC page detection through an OCR-free algorithm. The suggested algorithm is a combination of rule-based techniques and machine learning, and it exploits the precise characteristics of a distinctive Urdu ToC page. The proposed algorithm is evaluated on Urdu books and digests. Applications of such algorithms may include off-line and/or on-line digital libraries of cursive writings.

E) Choice of Recognizable Units for Urdu OCR [5]
This research paper proposed a numerical examination of an Urdu corpus to assemble and organize the Urdu ligatures. To reduce the class count, ligatures with similar primary components are clubbed together. Initially the Urdu word is fragmented into ligatures and isolated characters for character segmentation; the ligatures are then further segmented into characters. It is noted that, to develop a complete ligature recognition system, all likely primary and secondary connected components should be identified.

F) An Annotated Urdu Corpus of Handwritten Text Image and Benchmarking of Corpus [6]
The methodology proposed in this paper is to design and produce an Urdu corpus consisting of complete Urdu text sentences. The corpus comprises a database of handwritten text forms. To capture the widest syntactic distinctions, the forms are filled in by different authors with varied backgrounds, belonging to diverse geographical locations. The benefit of the proposed corpus is that it allows more words to be added by the same markup procedure, where all annotation information is entered manually during the insertion of each new handwritten text form.

G) Automatic Recognition of Offline Handwritten Urdu Digits in Unconstrained Environment Using Daubechies Wavelet Transforms [7]
An OCR system for handwritten Urdu digits is presented in this paper. The major function of a pattern recognition system is to produce decisions regarding the class membership of the patterns with which it is confronted. In this work, various Daubechies wavelet transforms have been applied to extract the wavelet coefficients. The recognition accuracy is enhanced by the use of this approach.

H) The Optical Character Recognition of Urdu-like Cursive Scripts [8]
This paper constitutes one of the infrequent efforts at collecting the works concerning Urdu-like script recognition, with particular reference to the Nasta'liq and Naskh script formats. The whole survey can be summarized as follows: a huge set of characters and many similarly shaped characters make the case of the Urdu-like scripts more complex and puzzling. Offline character matching is perhaps more difficult than its online counterpart, as less information is accessible. The approach produced significantly precise results on many documents, such as newspapers and books. The advantage of the theory is that it may not only reduce the lexicon but also help to build a multilingual OCR.

I) N-gram and Gazetteer List Based Named Entity Recognition for Urdu [9]
This paper presents a statistical Named Entity Recognition (NER) system for the Urdu language using two basic n-gram models, namely unigram and bigram. The objective of this NER system is to recognize five classes of NEs: person, location, organization, date and time. A brief review of the different procedures used for the NER task in diverse languages is given. Significant results have been produced even with a small training data set.

J) Multi-font Numerals Recognition for Urdu Script based Languages [10]
The resemblances and differences between the old Arabic and Urdu scripts are presented in this paper from the character recognition viewpoint. Rule-based, HMM and hybrid approaches are presented to recognize digits written in both Arabic and Urdu forms, both online and offline. The suggested technique works for numeric input. The paper addresses the difficulty of separating Urdu and Arabic numerals.

K) Segmentation Based Urdu Nastalique OCR [11]
This paper explores a segmentation-based system capable of recognizing the Urdu Nastalique font. Its main concern is the development of an OCR using a Hidden Markov Model, because an HMM can accurately handle large data sets and can be trained to tolerate noise and distortion to some extent, together with a rule-based post-processor. The system takes a monochrome scanned image as input. A few letters are not recognized accurately, because the technique still needs to be tested on real data and extended to cover the entire set of Urdu letters at a variety of font sizes.

L) An Efficient Method for Urdu Language Text Search in Image Based Urdu Text [12]
A simple and robust technique for finding a character in Urdu text images is presented in this paper. The proposed method is independent of script. Initially, the image is matched against a set of example characters representing each class. The distance between the input image and each example character is calculated, and the character is assigned to the class of the example producing the best match. The results show that the template-matching technique can be applied to locate a character or a whole ligature inside an image accurately.

M) Combining Offline and Online Preprocessing for Online Urdu Character Recognition [13]
In this research paper a new technique is offered for compiling Urdu online text, in which preprocessing techniques from both the online and offline spheres are applied to remove variations and to enhance the competence of the recognition system for online input. Different techniques are performed on the input strokes from both the offline and online views, involving stroke segmentation, de-hooking, interpolation, stroke combination, smoothing and baseline detection. The efficiency can be increased by using joint online and offline processing: the strokes are converted into an image in order to apply the offline preprocessing steps.

N) Layout Analysis of Urdu Document Images [14]
A layout analysis system for Urdu documents is described in this paper. The method had been shown to perform well on Roman script, so it was adapted to Urdu documents. The assessment of the algorithm is completed in two steps: the first step evaluates the errors in the text lines, and the second evaluates the reading-order algorithm. Newspaper documents proved to be the hardest class, presenting several challenges compared to the others.

O) Challenges of Urdu Named Entity Recognition: A Scarce Resourced Language [15]
This research paper gives a brief overview of Named Entity Recognition systems. NER is the process of searching text to detect entities and categorize them into predefined classes, such as the names of organizations, locations, expressions of time, persons, and quantities. The Urdu NER task has not been thoroughly investigated or experimented with, due to scarce resources and the language's inherently complex features. Hence the Urdu language demands detailed investigation regarding the application of the different existing techniques employed for NER in other languages.
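The template-matching idea summarized above for [2] and [12] (compare an input glyph image against one stored example per class and assign the class of the best match) can be sketched as follows. This is an illustrative sketch, not the code of the surveyed papers; the 3x3 binary "glyphs" and class names are hypothetical.

```java
// Illustrative template matching for character recognition: each class is
// represented by a stored example bitmap, the input image is compared with
// every template, and the class of the closest template (smallest pixel
// distance) is returned.
import java.util.LinkedHashMap;
import java.util.Map;

public class TemplateMatcher {
    // Pixel-wise Hamming distance between two binary images of equal size.
    static int distance(int[] a, int[] b) {
        int d = 0;
        for (int i = 0; i < a.length; i++) {
            if (a[i] != b[i]) d++;
        }
        return d;
    }

    // Assign the input image to the class of the best-matching template.
    static String classify(int[] input, Map<String, int[]> templates) {
        String best = null;
        int bestDist = Integer.MAX_VALUE;
        for (Map.Entry<String, int[]> e : templates.entrySet()) {
            int d = distance(input, e.getValue());
            if (d < bestDist) {
                bestDist = d;
                best = e.getKey();
            }
        }
        return best;
    }

    public static void main(String[] args) {
        // Two hypothetical 3x3 binary "glyph" templates.
        Map<String, int[]> templates = new LinkedHashMap<>();
        templates.put("alif", new int[]{0,1,0, 0,1,0, 0,1,0}); // vertical stroke
        templates.put("bay",  new int[]{0,0,0, 1,1,1, 0,1,0}); // horizontal stroke
        // A noisy vertical stroke still matches "alif" (distance 1 vs 2).
        int[] noisy = {0,1,0, 1,1,0, 0,1,0};
        System.out.println(classify(noisy, templates)); // prints "alif"
    }
}
```

Real systems would match whole-ligature templates at multiple scales, but the nearest-template decision rule is the same.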

III. ANALYSIS
This paper tabulates all 15 surveyed research papers on the basis of the following parameters: training set, testing set, recognized set, strokes, letter shapes, font style, image style and type, image size, and category of data. All these parameters are grouped under the heading of character set, as they describe the composition and specification of the data used in the research papers. Furthermore, other parameters are also evaluated: smoothing, chain code generation, storage of the calculated strings, segmentation, image transformation, filters, document skew-angle removal, and recognition algorithms. All of these are grouped under the heading of algorithm, as they describe the methods used for extracting the desired output needed for further evaluation. All these parameters and their possible values are tabulated in Table I (parameter table).


Analysis describes the detailed examination of the different features in a system. Our paper analyses the surveyed research papers on the basis of the parameters listed above, whose division is described in the preceding paragraph. The first portion is the data set, which lists the parameters that form the data set for training and testing. The data set involves both characters and images; their type, style and size are analyzed in this portion and presented in Table II. The second portion of the parametric analysis divides the parameters into a set of algorithms, with the possible values for each research paper given individually. The analysis shows the following algorithms to be used extensively: segmentation, image transformation, filters, and several recognition algorithms. These are tabulated in Table III. Naturally, there must be a proper way of carrying out a particular task; in Urdu document recognition this is specified as a scientific procedure and generally categorized as a technique. Different research papers use different techniques to achieve the desired results; the techniques and algorithms are listed against their respective research papers in Table II(a). Owing to the strokes, ligatures and other features of the Urdu language corpus, recognition is difficult, but the analysis shows an average precision of 65-70% for the data sets of the analyzed research papers. A high average recognition accuracy is likewise difficult to achieve, but its percentage is higher than the recognition rate, at about 92-93%.

IV. CONCLUSION
After the survey on Urdu documents, the following conclusions are drawn regarding the data sets, techniques, algorithms, efficiency and effectiveness. The widely used data sets involve training sets of images in which characters are defined [1], [6], [8] and [11]; handwritten text is the focus in [6], and diacritics in [1], [3], [9], [10], [11], [12] and [15]. The Naskh font style is used in [2] and [8], and Nastaleeq in [3] and [4]. Letter shapes are also described in [8]. In addition, image type, style and size are specified; overall, grayscale images are widely used to produce the desired output. Segmentation is widely used: [2], [3], [6], [8], [10] and [13] define several types of segmentation. Image transformation algorithms are also used along with recognition algorithms. The HMM is an extensively used technique that employs hidden states to model a system; it is used in four research papers: [6], [10], [11] and [15]. For the storage of data, the most widely used technique is the rule-based technique, which experts also use for building new styles; this is executed in [4] and [15]. Similarly, a large focus is on the matching technique, which implements the evaluation of treatment effects by comparing different units; it carries the concept of the system from the training set to the testing set, and recognition is hence better validated. As the spotlight is on Urdu documents, the importance of Urdu is due to its characters; for that reason OCR, which is used to convert images of typewritten and printed text into machine-encoded text, cannot be neglected.


Asst.Professor, Department of Computer Science, K.S.Rangasamy College of Arts and Science,

Abstract: Mapping virtual machines onto a cluster of physical machines is called VM placement. Placing a VM in the appropriate host is necessary for ensuring effective resource utilization and minimizing datacenter cost as well as power. Here we present an efficient hybrid genetic-based, host-load-aware algorithm for the scheduling and optimization of virtual machines in a cluster of physical hosts. We developed the algorithm from two different methods: first, initial VM packing is done by checking the load of the physical host and the user constraints of the VMs; second, optimization of the placed VMs is done using a hybrid genetic algorithm based on a fitness function. Our simulation results show that the proposed algorithm outperforms existing methods and enhances the rate of resource utilization by accommodating a larger number of virtual machines in a physical host.

Index Terms: Virtual Machine, Physical Machine Cluster, VM Scheduling, Load Rebalancing, Load Monitoring.

I. INTRODUCTION
Infrastructure-as-a-Service (IaaS) is the most fundamental use of cloud computing, and virtualization technology is the base on which an IaaS platform is formed. It offers the entire computing resources for deploying and executing applications, storing data, or accommodating a company's complete computing environment [3]. Virtualization technologies give cloud data centers the opportunity to host applications on shared infrastructure, and data center expenses can be lessened by using virtual machines (VMs). Cloud data center providers can create a huge number of VMs for different types of workload and specification requirements [4]. Each VM is configured with a certain amount of computing resources adequate for its workload requirements. The cloud service providers can consolidate all the VMs onto a small number of physical hosts, with the goal of reducing the aggregate number of required physical servers and exploiting server capacities more completely, permitting cloud providers to save money on equipment and energy costs. The VM consolidation method is the key concern for attaining economy of scale in a cloud data center domain [5].

The advent of virtualization technology enables physical server consolidation in datacenters, which plays a vital role in minimizing the number of physical servers used and also the energy consumption. Various approaches have been provided by researchers for server consolidation in data centers, but none of them has considered all the aspects of server consolidation that ensure QoS as well as reduced cost for the datacenter administrators. Therefore a new algorithm is needed in order to provide better service to cloud users while at the same time reducing the operational cost to the service provider. Placing a VM in the appropriate host is necessary for ensuring effective resource utilization and minimizing datacenter cost as well as power. To address this problem, in this paper we propose a new efficient hybrid genetic-based, host-load-aware algorithm for the scheduling and optimization of virtual machines in a cluster of physical hosts. We divide this problem into the two following categories.

A. Initial Scheduling of VMs
The virtual machine allocation problem in a cloud infrastructure has been investigated by many researchers in the past, but the majority of the presented mechanisms paid no


attention to the ever-changing load of the physical hosts and the dynamic nature of the virtual machine deployment requests that frequently reach the cloud provider's infrastructure. Here we present an efficient hybrid host-load-aware algorithm for scheduling virtual machines onto a cluster of physical hosts. We developed the algorithm from two different methods: first, by checking the load of the physical host, where the load factor of a physical host is measured by analyzing the utilization level of the individual resources such as CPU, memory and network bandwidth; second, by considering the past utilization activities of a VM on a physical host.

B. Ongoing Load Rebalancing or Optimization
Rebalancing of load in a datacenter environment needs live VM migrations, but a large number of VMs frequently moved between physical hosts causes increased network bandwidth utilization and datacenter cost. Hence the load rebalancing has to be achieved with a minimum number of VM migrations; to solve this issue we used a modified version of a hybrid genetic algorithm for load optimization. The main contributions of this paper include an introduction to virtualization technology, a new proposed algorithm for initial VM scheduling, ongoing load rebalancing or optimization, and validation of the proposed algorithm against its goals in a simulated environment.

The rest of the paper is organized as follows: in Section II we describe the related work, while in Section III the placement problem under study is explained; we present the design model that explains the proposed strategy in Section IV; the proposed algorithm for VM scheduling is discussed in Section V; load balancing and VM optimization based on the genetic algorithm are presented in Section VI; Section VII shows the experimental setup and the results acquired by our technique, compared with some of the existing strategies for optimal VM placement and optimization; Section VIII concludes the paper and spotlights some possible future directions.

II. RELATED WORK
Most IaaS cloud data centers use virtualization technology, since it provides good flexibility in the provisioning and placement of servers and their associated workloads, as well as cost savings [6], [7]. While this model provides a number of advantages, it is essential to administer the allocation of virtual machines to the physical hosts in the data center. Even though many researchers have studied this virtual machine mapping problem in the past, we draw attention to some of the work closest to our perspective.

In [8] the number of physical machines needed to deploy the requested virtual machine instances is reduced by combining time-series forecasting techniques and a bin-packing heuristic, but the model does not include the relationships between multiple resources, such as CPU and I/O. In [9] the VM placement algorithms make use of the tendency of VMs to share some properties in general. In [10] a two-level control management system is used for the placement of virtual machines onto physical machines, using combinatory and multi-phase efficiency to solve potentially inconsistent scheduling constraints. In [11], VM scheduling constraints are considered as a single dimension in a multidimensional knapsack problem. In [12], the VM scheduling policy is dealt with primarily from the viewpoint of network traffic; three common scheduling algorithms are introduced for cloud computing and simulation results are provided. In [13] load balancing in data centers is intensively studied; heuristics are used as a common approach among systems to enable load balancing among physical servers. In [14] the performance variations in a physical server hosting VMs are identified and monitored. A few simple VM placement algorithms, such as time-shared and space-shared, were presented and compared in [15], which also introduced a method to model and simulate cloud computing environments in which the algorithms can be implemented. [16] pioneered methods for virtual machine migration and proposed some migration techniques and algorithms. [17] evaluated the most important load-balance scheduling algorithms for conventional web servers. VectorDot, a novel load-balancing algorithm, was introduced in [18] to handle structured and multidimensional resource limitations by taking the servers and storage of a cloud into account. A countable measure of load imbalance on virtualized data center servers was proposed in [19]. In [20] a comparative study of widely used VM placement strategies and algorithms for cloud data centers is presented. An overloaded-resource-based VM placement approach is presented in [21]. In our previous study [22] a comparison of various VM scheduling algorithms was presented, demonstrating the necessity of a new efficient VM placement algorithm. A genetic-based simulated annealing algorithm for the optimization of task scheduling in cloud computing was proposed and implemented in [23]; this algorithm only considers the QoS requirements of various types of tasks. Genetic operators that use a group-oriented structure lead to better results when compared to non-grouping genetic algorithms that do not use such a grouping feature; in [24], [25] a grouping-based genetic algorithm is used to reach better results than conventional methods and universal heuristic algorithms.


III. PROBLEM FORMULATION
The major principle of an IaaS cloud computing system is that its users can make use of the resources to obtain good performance and economic benefits. With the support of virtualization technology the resources can be delivered to the users in the form of virtual machines; hence an efficient virtual machine allocation policy and management process is required to avoid underutilization or overutilization of the physical machines, which may affect the quality of service of the IaaS cloud. The underutilization of servers is a well-known expenditure concern in cloud management: low utilization of server resources leads to the use of more physical machines, increasing expenses for machine power and the capital and operational expenses of cooling systems. Moreover, surplus machines enlarge the carbon footprint. The overutilization of physical servers, on the other hand, results in violations of the SLA and quality-of-service constraints. Efficient allocation of virtual machine instance requests will meet client requirements, improve resource utilization, increase the overall performance of the cloud computing environment, and also decrease the number of physical machines used. Therefore efficient VM scheduling with ongoing load monitoring and optimization in IaaS is an important cloud computing problem to resolve.

IV. DESCRIPTION OF DESIGN MODEL
To address the VM scheduling and ongoing load optimization problem, we have proposed a multidimensional, physical-host-load-aware scheduling and hybrid genetic-based optimization algorithm, and we implemented this heuristic in Java using the NetBeans IDE.

Figure 1: Framework model for VM placement in a cluster of physical machines

The above figure shows the framework model in which the proposed algorithm is implemented. Here a physical cluster is formed by adding a set of physical servers, each server contributing its own share of resources such as CPU cores, main memory, disk capacity and network bandwidth. Users create virtual machine instance requests by giving their requirements for running their applications, and the VM requests are submitted to the computing system. As the submitted VMs enter the cloud, they wait for their turn in the queue. The VM requests are handled by the virtual machine scheduler, which finds an appropriate physical machine by estimating the VM size and checking the availability and capacity of the physical machines; when it finds an appropriate physical machine, the VM scheduler immediately allocates it to the virtual machine instance request at the head of the queue, and the required resources are allocated to the virtual machine. Rebalancing of load in this environment is handled by the virtual machine optimizer; we used a modified version of a genetic algorithm for load optimization.
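The optimizer's genetic search over VM-to-PM assignments can be illustrated with a minimal sketch. This is not the authors' hybrid algorithm (its operators and fitness function are presented in their Section VI, beyond this excerpt); it only shows the general shape: a chromosome encodes which PM hosts each VM, fitness rewards balanced host loads, and mutation moves one VM. All loads, sizes and names here are hypothetical.

```java
// Minimal genetic-style (elitist mutation-only) search for a balanced
// VM-to-PM assignment. Chromosome: assign[v] = index of the PM hosting VM v.
// Fitness: negative variance of per-PM load, so 0 means perfectly balanced.
import java.util.Arrays;
import java.util.Random;

public class VmOptimizerSketch {
    static double[] vmLoad = {0.4, 0.3, 0.2, 0.5, 0.1, 0.3}; // hypothetical VM loads
    static int numPms = 3;

    static double fitness(int[] assign) {
        double[] pmLoad = new double[numPms];
        for (int v = 0; v < assign.length; v++) pmLoad[assign[v]] += vmLoad[v];
        double mean = Arrays.stream(pmLoad).average().orElse(0);
        double var = 0;
        for (double l : pmLoad) var += (l - mean) * (l - mean);
        return -var / numPms; // higher is better; 0 is the optimum
    }

    static int[] evolve(int generations, long seed) {
        Random rnd = new Random(seed);
        int[] best = new int[vmLoad.length];
        for (int v = 0; v < best.length; v++) best[v] = rnd.nextInt(numPms);
        for (int g = 0; g < generations; g++) {
            int[] child = best.clone();
            child[rnd.nextInt(child.length)] = rnd.nextInt(numPms); // mutation: move one VM
            if (fitness(child) >= fitness(best)) best = child;      // elitist selection
        }
        return best;
    }

    public static void main(String[] args) {
        int[] best = evolve(500, 42);
        System.out.printf("assignment=%s fitness=%.4f%n",
                Arrays.toString(best), fitness(best));
    }
}
```

A full grouping genetic algorithm would add crossover over PM groups and a migration-count penalty in the fitness, but the encode/evaluate/mutate/select loop above is the core that any such variant shares.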

V. ALGORITHM DESIGN FOR THE PROCESS OF VIRTUAL MACHINE ALLOCATION
This is a simple and efficient method that uses the load factor of the physical machine and also the VM constraints given by the user about the VM resource requirements. It also identifies overloaded physical machines, selects a VM to migrate based on the past behavior of the VM, and picks an appropriate PM based on its resource utilization rate. It then discovers underutilized PMs, migrates the VMs running on them to other suitable PMs, and turns them off in view of energy saving. Since accurately forecasting the resource requirements and behavior of a VM is not possible, our algorithm utilizes the user-deployed resource details of the VM's workload and considers the load factor


of the physical machine, as well as of the physical machine cluster, to identify the appropriate PM for a given VM request. We use a bin-packing heuristic combined with three different algorithms to minimize the number of physical machines required to place a set of VMs, to place VMs quickly and correctly, to maintain a balanced load among the servers, and to increase the resource utilization rate, importantly doing all this without violating any SLA agreements.

N virtual machines with resource requirements VR (CPU, memory, network bandwidth) are to be placed on a set of M physical machines with resource capacities PR (CPU, memory, network bandwidth), grouped into K physical machine clusters. Consider PM as the set of all physical machines in the entire system, where PM = {PM1, PM2, PM3, ..., PMm}; m is the total number of physical machines, and an individual physical machine is denoted PMi, where i denotes the physical machine number and 1 <= i <= m. Similarly, the set of VMs on physical machine i can be written {VMi1, VMi2, ..., VMin}, where n is the number of VMs on physical server i. If we want to deploy VMj on PMi, then the load on the CPU, RAM and bandwidth has to be calculated individually. The CPU load of PMi at the time interval ts is denoted as follows:

PMCk WL,ts

VMij cpu,ts

resource

The amount of RAM utilized by all the VMs of PMi at the

time interval ts can be denoted as follows,n

VMij ram,ts

The amount of Network Bandwidth utilized by all the VMs

of PMi at the time interval ts can be denoted as followsn

PMi nbw,ts

VMij nbw,ts

resource

(5)

Where resource {CPU, RAM, Network Bandwidth} and

Wresource is the weight associated with each resource THvalue is the threshold value set by the administrator if theload goes beyond this value the host can be considered asoverloaded host and the selected VMs has to be migrated toother appropriate physical machines.VI. DYNAMIC VM PLACEMENTIn this process the objective is to place the VMs in PMs in away that the total number of PMs required to place all theVMs is decreased. So we considered this a multi potentialbin packing problem since this is a NP-hard problem, weprovide a heuristic based on multiple policy. In the earlierstages of allocation most of the PMs are underutilized or notused so our heuristics works as like the first fit schedulerwhich is a simplest one to implement and which increasesthe response time of VM placement. As the number of VMgrows in the datacenter the utilization level of PM is alsobeing considered by our heuristic which really helps inmaintaining the balanced load among servers. Towards theclosing stages the heuristic works according to the nature ofthe VMs workload that is gathered from the user providedhints which helps in avoiding the bottleneck of a particularresource as well as avoiding the violence of any SLAagreements. The algorithm which is used to achieve thesethings is given below.Algorithm 1: Dynamic VM placementStep1:- The VM requests given by the user at the time ti isconsidered for allocation and scans the values of number ofCPU cores, amount of RAM and amount of N/W bandwidthrequired.Step2: In this algorithm the scheduler maintains an indextable for physical clusters and physical machines as well astheir states whether available or busy.Step 3: The scheduler scans the index table of the physicalcluster for the load below 50 %, from top until the firstavailable physical cluster is found or the index table isscanned fully.Step 4: If the physical cluster is found then scan the indextable of physical machines for the load below 50 % in all

PMi ram,ts

Where PMCk represents the kth physical machine cluster of

the datacenter,WL represents the weighted load of physicalmachine cluster at time interval ts and PMi represents the ithphysical machine of the Physical Machine Cluster kAt any time interval the total VM load of a PM should notexceed the host capacity PMi Wresource usage (ts) TH value PMi Wresource capacity

PMi cpu,ts

PMi WL ,ts 1

Where PMi represents the ith physical machine of the

Physical Machine Cluster k, VMij represents jth virtualmachine of the PMi and cpu, ram and nbw denotes theamount of CPU, RAM and Network Bandwidth utilized byall the VMs of the PMi respectively.Hence derived from (1),(2) and (3) the weighted averageload of the Physical Machine Cluster kat time interval ts can be denoted as follows

95

http://sites.google.com/site/ijcsis/ISSN 1947-5500

(IJCSIS) International Journal of Computer Science and Information Security,

Vol. 13, No. 6, June 2015

of load after placing the new VM, then return the ID of thephysical machine to the main controller.Step 26: Assign the VM to the identified PM.Step 27: Update the index table of the PM and Physicalcluster and go to the step 1.Step 28: Else go to step 22Step 29: If the requested VM is a memory intensive thenscan the PM index table for the least amount of RAMutilized from the top until the first physical machine isfound.Step 30: If host has enough RAM to fulfill the VMs memoryrequirement and will not surpass 90% of load after placingthe new VM, then return the ID of the physical machine tothe main controller.Step 31: Assign the VM to the identified PM.Step 32: Update the index table of the PM and Physicalcluster and go to the step 1.Step 33: Else go to step 22Step 34: If the requested VM is a network intensive thenscan the PM index table for the least amount of networkbandwidth utilized from the top until the first physicalmachine is found.Step 35: If host has enough bandwidth to fulfill the VMsbandwidth requirement and will not surpass 90% of loadafter placing the new VM, then return the ID of the physicalmachine to the main controller.Step 36: Assign the VM to the identified PM.Step 37: Update the index table of the PM and Physicalcluster and go to the step 1.Step 38: Else go to step 22

three major resources, from the top until the first physicalmachine is found.Step 5: When found return the ID of the physical machine tothe main controllerStep 6: Assign the VM to the identified PM.Step 7: Update the index table of the PM and Physicalcluster.Step 9: Go to the step 1Step 8: If not found then scheduler scans the index table ofthe physical cluster for the load below 70 %, from top untilthe first available physical cluster is found or the index tableis scanned fully.Step 9: If the physical cluster is found scan the index tableof the PMs based on the requirements of the requested VM.Step 10: If the requested VM is a CPU intensive then scanthe PM index table for the amount of CPU utilized is below70 %, from the top until the first physical machine is found.Step 11: When found return the ID of the physical machineto the main controllerStep 12: Assign the VM to the identified PM.Step 13: Update the index table of the PM and Physicalcluster and go to the step 1Step 14: If the requested VM is a memory intensive thenscan the PM index table for the amount of RAM utilized isbelow 70%, from the top until the first physical machine isfound.Step 15: When found return the ID of the physical machineto the main controllerStep 16: Assign the VM to the identified PM.Step 17: Update the index table of the PM and Physicalcluster and go to the step 1Step 18: If the requested VM is a network intensive thenscan the PM index table for the amount of networkbandwidth utilized is below 70%, from the top until the firstphysical machine is found.Step 19: When found return the ID of the physical machineto the main controllerStep 20: Assign the VM to the identified PM.Step 21: Update the index table of the PM and Physicalcluster and go to the step 1Step 22: If Physical Cluster is not found. 
The schedulerscans the index table for the load below 80 %, from top untilthe first available physical cluster is found or the index tableis scanned fullyStep 23: If found scan the index table of the PMs based onthe requirement of the requested VM.Step 24: If the requested VM is a CPU intensive then scanthe PM index table for the least number of CPU coresutilized from the top until the first physical machine isfound.Step 25: If found check the host has enough CPU cores tofulfill the VMs CPU requirement and will not surpass 90%

VII. LOAD BALANCING AMONG PHYSICAL SERVERS

Since virtual machine workloads change frequently over time, even good initial placement decisions are not sufficient to maintain a balanced load. It is therefore essential to dynamically rework placements so that QoS constraints remain satisfied as the datacenter load changes. Maintaining balanced load among servers requires more VM migrations, which increases the operational cost for the service provider, so VMs should be rearranged in a way that minimizes the number of migrations while satisfying resource utilization and load balance requirements. In this type of multifaceted problem, even the most prominent algorithms cannot capture all the relationships between VMs, physical servers and physical clusters to reach the most finely optimized solution. To achieve this goal a new grouping-based genetic algorithm is proposed, and we believe that our new algorithm is useful for this kind of complex optimization problem.

A. Grouping Genetic Based Algorithm Design for Load Balancing among Physical Servers


The genetic algorithm is a good searching technique for the VM mapping problem because of its enhanced optimization ability and the parallelism advantages it offers for solving complex problems. The common steps of the genetic algorithm are summarized as follows:
- Create an initial population
- Repeat the following steps until the stopping condition is reached:
  - Select chromosome pairs for mating
  - Perform crossover to generate new offspring
  - Calculate the fitness value of the new offspring
  - Create a new population

B. Creation of an Initial Population

The genetic algorithm is executed in parallel on a set of selected physical servers, so creating the initial population plays an important role [26]; we therefore developed a novel algorithm to generate the initial population. In the solution space for these physical hosts, the selection process chooses solution vectors with probability proportional to their fitness value. The algorithm then crosses the chosen vectors and performs the mutation operation on the crossed vectors based on the fitness value. The algorithm repeats this stage, crossover followed by mutation, until it reaches the terminating condition.

Steps for selecting the initial population:
Step 1: Check the PM load against the threshold value.
Step 2: If any PM's resource utilization surpasses the threshold value, it is considered an overloaded host.
Step 3: Select the overloaded servers and sort those PMs based on their resource utilization value.

C. Fitness Function

The fitness value plays an important role in any individual's outcome: it is the methodology for evaluating the dominance of an individual in the population. The performance of an individual is determined by its fitness value; the higher the fitness value, the better the individual is considered. The survival or termination of an individual is based entirely on its fitness value, so the fitness function is an essential part of the genetic algorithm. The objective function can be defined as follows when there are m hosts in physical cluster k and n VMs in each host:

PM_i(R_{cpu}, ts) = T_{cpu} - \sum_{j=1}^{n} VM_{ij}(D_{cpu}, ts)    (6)

where PMi(Rcpu,ts) represents the remaining CPU of the ith PM at the time slot ts, Tcpu represents the total CPU capacity of the ith PM and VMij(Dcpu,ts) represents the demanded CPU of the jth VM of the ith physical host at the time slot ts.

PM_i(R_{ram}, ts) = T_{ram} - \sum_{j=1}^{n} VM_{ij}(D_{ram}, ts)    (7)

where PMi(Rram,ts) represents the remaining RAM of the ith PM at the time slot ts, Tram represents the total RAM capacity of the ith PM and VMij(Dram,ts) represents the demanded RAM of the jth VM of the ith physical host at the time slot ts.

PM_i(R_{nbw}, ts) = T_{nbw} - \sum_{j=1}^{n} VM_{ij}(D_{nbw}, ts)    (8)

where PMi(Rnbw,ts) represents the remaining network bandwidth of the ith PM at the time slot ts, Tnbw represents the total network bandwidth capacity of the ith PM and VMij(Dnbw,ts) represents the demanded network bandwidth of the jth VM of the ith physical host at the time slot ts.

The cluster-wide mean values of the remaining resources are

\overline{PMC_k R_{cpu}} = \frac{1}{m} \sum_{i=1}^{m} PM_i(R_{cpu}, ts)    (9)

\overline{PMC_k R_{ram}} = \frac{1}{m} \sum_{i=1}^{m} PM_i(R_{ram}, ts)    (10)

\overline{PMC_k R_{nbw}} = \frac{1}{m} \sum_{i=1}^{m} PM_i(R_{nbw}, ts)    (11)

where \overline{PMC_k R_{cpu}}, \overline{PMC_k R_{ram}} and \overline{PMC_k R_{nbw}} represent the kth physical cluster's mean values of remaining CPU, RAM and network bandwidth respectively.

In our proposed algorithm we consider four objectives in packing and optimizing the virtual machines in a datacenter: reducing the power consumption cost, reducing the cost of migration, increasing the total revenue and reducing the SLA violation rate. These diverse objectives can be accomplished by evaluating the following fitness function, described in equation (12), while allocating the VMs:

minimize \sqrt{\frac{1}{N}\sum_{i=1}^{N}\left(PM_i R_{cpu} - \overline{PMC_k R_{cpu}}\right)^2} + \sqrt{\frac{1}{N}\sum_{i=1}^{N}\left(PM_i R_{ram} - \overline{PMC_k R_{ram}}\right)^2} + \sqrt{\frac{1}{N}\sum_{i=1}^{N}\left(PM_i R_{nbw} - \overline{PMC_k R_{nbw}}\right)^2}    (12)

The objective function of our algorithm thus minimizes the standard deviation of the remaining CPU, RAM and network bandwidth across hosts. Because we consider the load of the entire physical cluster, instead of using the total number of virtual machines in each physical host as the load balance metric, we developed an objective function that tries to balance the consumption of CPU, RAM and network bandwidth on each host, in view of a heterogeneous environment consisting of hosts with different configurations.

D. Crossover Operator

The genetic algorithm's crossover operator combines the qualities of different individuals in the population with the intention of creating a new generation. Hypothetically, the new child will inherit good qualities from both parents and, ideally, have better fitness. Two parents are chosen with probability proportional to the fitness of the individual; most of the time, individuals with high fitness values reproduce with higher probability than individuals with lower fitness values. We followed a method similar to the one illustrated in [27] to implement the crossover operator. In our methodology, all of the servers from both parents are combined and sorted based on fitness: servers with less remaining capacity across the individual resources are placed at the front of the list, while servers with more remaining capacity are placed at the end. Our algorithm then systematically chooses the servers with less remaining capacity and keeps them together in the same group. During this process, whenever a selected server contains a VM that belongs to a server chosen previously, that server is superfluous and is removed to avoid duplication. This process may, however, create a list of servers that does not include all VMs; the outstanding VMs that have not been included in any server are reinserted into other servers based on Algorithm 1.

E. Mutation Process

The mutation operator in our algorithm comprises three alternatives. First, the mutation process may remove the VMs of randomly selected servers; the removed VMs are subsequently reinserted into the other servers of the new population based on our Algorithm 1. Second, two randomly chosen VMs of the existing packing order are interchanged between servers; in this process we ensure that the algorithm never interchanges two VMs that came from the same server. As a third option, one VM is shifted to a different server to generate a new packing order. Based on the information provided by the monitoring driver, the second and third genetic operators work on the packing order list to increase the performance of the ordering genetic process. Finally, for all of the above genetic operators, mutation is applied to VMs with probability inversely proportional to the fitness value of the server they originally come from: VMs placed on servers with lower fitness values are mutated more frequently than VMs placed on servers with higher fitness values, in order to guarantee that the organization of the better servers is retained. The new children become part of the next generation, from which one solution must be chosen. When the exit criteria are satisfied, the algorithm stops and returns the servers with the highest fitness evaluation value.
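The standard-deviation objective of equation (12) can be sketched as follows. This is an illustrative reconstruction, assuming per-host remaining-capacity lists as input; the inversion of the objective into a maximizable fitness (and its +1 guard) is an assumption, not taken from the paper.

```python
import math

def std_dev(values):
    """Population standard deviation of a list of values."""
    mean = sum(values) / len(values)
    return math.sqrt(sum((v - mean) ** 2 for v in values) / len(values))

def placement_objective(remaining):
    """Objective of eq. (12): the sum of the standard deviations of the
    remaining CPU, RAM and network bandwidth across the N hosts.
    `remaining` maps each resource to a list of per-host remaining
    capacities, e.g. {"cpu": [...], "ram": [...], "nbw": [...]}.
    Lower is better: remaining capacity is spread more evenly."""
    return sum(std_dev(remaining[r]) for r in ("cpu", "ram", "nbw"))

def fitness(remaining):
    """A GA maximizes fitness, so invert the minimization objective.
    The +1 term guarding against division by zero is an assumption."""
    return 1.0 / (1.0 + placement_objective(remaining))
```

A perfectly balanced packing yields an objective of zero and thus the maximum fitness of 1.0, so selection and mutation pressure both push the population toward evenly loaded hosts.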

Table I: Properties required for the index table of the physical machine and the physical machine cluster

S.No | Physical Machine                                                              | Physical Machine Cluster
1    | Total number of VMs placed                                                    | Total number of PMs
2    | Total number of VMs of each type (CPU intensive, RAM intensive, N/W intensive) | Total number of PMs exhausted
3    | The percentage of load of the PM in each resource type individually           | The cumulative percentage of the load of the entire PMs
4    | Total number of CPU cores utilized and available                              | The list of PMs which can be used to place the CPU intensive VMs
5    | Total amount of RAM utilized and available                                    | The list of PMs which can be used to place the memory intensive VMs
6    | Amount of N/W bandwidth utilized and available                                | The list of PMs which can be used to place the N/W bandwidth intensive VMs
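The two index tables of Table I could be represented as follows. The field names are illustrative, chosen to mirror the table's rows; they are not taken from the paper's implementation.

```python
from dataclasses import dataclass, field
from typing import Dict, List

@dataclass
class PMIndexEntry:
    """One row of the physical machine index table (Table I, left column)."""
    vms_placed: int = 0
    vms_by_type: Dict[str, int] = field(
        default_factory=lambda: {"cpu": 0, "ram": 0, "nbw": 0})
    load_percent: Dict[str, float] = field(
        default_factory=lambda: {"cpu": 0.0, "ram": 0.0, "nbw": 0.0})
    cores_utilized: int = 0
    cores_available: int = 0
    ram_utilized: int = 0
    ram_available: int = 0
    nbw_utilized: int = 0
    nbw_available: int = 0

@dataclass
class ClusterIndexEntry:
    """One row of the physical machine cluster index table (right column)."""
    total_pms: int = 0
    pms_exhausted: int = 0
    cumulative_load_percent: float = 0.0
    cpu_intensive_pms: List[int] = field(default_factory=list)
    ram_intensive_pms: List[int] = field(default_factory=list)
    nbw_intensive_pms: List[int] = field(default_factory=list)
```

Keeping the three per-type PM lists pre-sorted by spare capacity is one way the scheduler's "scan from the top until the first physical machine is found" steps could be served in constant time per probe.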


VIII. PERFORMANCE EVALUATION

A. Experimental Setup
The presented algorithm is implemented in the Java NetBeans IDE. We then use the CloudSim simulator to assess the performance of our heuristics against some existing scheduling algorithms in terms of response time, load balancing among servers, reasonable resource utilization, energy consumption, minimum number of active PMs and higher profit through a reduced number of migrations. The performance of the proposed algorithm was examined from both the user's and the service provider's perspectives. Since it is difficult to access real datacenters or cloud infrastructures, we used a simulation-based evaluation, which is easily reproducible, to compare the performance of the proposed algorithm with the following existing approaches currently used by the majority of cloud service providers: 1) First Fit algorithm, 2) Round Robin scheduling algorithm, 3) Best Fit algorithm. The simulated cloud environment contains a cluster of heterogeneous PMs; the total resource capacity of the PMs is expressed as a percentage, and the randomly generated VM resource demands include the number of CPU cores, the amount of RAM and the required network bandwidth.

B. Analysis
The investigations analyze the effect of our proposed algorithm on the number of physical servers required to place a certain number of VMs, the overall resource utilization rate of all the active servers, allocation time, load balancing, the percentage of migrations and the percentage of SLA violations. The simulation results show that our proposed algorithm uses fewer physical servers to place a certain number of VMs, which helps improve the resource utilization rate. The response time of our algorithm is slightly higher than that of the First Fit algorithm because it allocates VMs based on user constraints and the past usage history of the VMs. A higher SLA satisfaction rate and a lower load imbalance rate can be observed in the results, which also show that our multi-dimensional host-load-aware and user-constraint-based algorithm is applicable, valuable and reliable for implementation in real virtualized environments.

Rebalancing load in a datacenter environment requires live VM migrations, but frequently moving many VMs between physical hosts increases the datacenter cost; hence load rebalancing has to be achieved with a minimum number of VM migrations. To solve this issue we used a modified version of the genetic algorithm for load optimization. Our results show that the percentage of VM migrations decreased, through which we can achieve better results for load balancing along with cost reduction.

In the following figures, Fig 2 shows the number of physical servers utilized by the scheduler to place the set of VM requests without violating any SLA. Here our proposed host-load-aware, user-hint-based algorithm and the First Fit algorithm use a comparatively similar number of physical hosts for placing the set of VMs. The number of servers used by the proposed algorithm is lower when compared to the Round Robin and Best Fit algorithms.

Fig 2: Comparison of the number of Physical Servers

Though the numbers of servers used by the First Fit and proposed algorithms are comparatively stable, Fig 3 shows that the resource utilization rate of our algorithm appreciably outperforms the other three algorithms.

Fig 3: Comparison of the overall resource utilization rate

Fig 4 shows that the response times of all the algorithms are comparatively stable; our algorithm takes a little more time to allocate VMs than the First Fit algorithm because it allocates VMs based on the user-provided information and the past usage history of the VMs.


Fig 4: Comparison of the Response Time of different algorithms

The analysis also examines the load balancing achieved by the algorithm and the number of migrations needed to reach a load-balanced environment after scheduling. Fig 5 shows the percentage load imbalance value, in which our algorithm demonstrates a better way to achieve load balancing in the datacenter than the three other approaches as the number of VMs to deploy increases.

Fig 5: Comparison of the percentage of Load Imbalance Value

Our proposed algorithm is effective in improving the resource utilization rate and load balancing with the help of live migrations. But one of our major aims is increasing the total revenue, which requires cutting down the VM migration cost; this can be achieved by reducing the VM migration rate. We use the migration rate as the evaluation metric, defined as the percentage of migrated VMs out of the total number of VM instances. We show the results in Fig 6. The proposed algorithm decreases the migration rate from about 18%-20% to less than 13%, which reduces the VM migration cost. Though the curve of our proposed algorithm indicates that only a small number of VMs migrated from their original host to a new host, we achieved better resource utilization and balanced load among the physical hosts.

Fig 6: Comparison of the Percentage of VM Migrations for Load Balancing

A low SLA violation rate is observed for the proposed algorithm in Fig 7, because it uses the past behavior of the VM along with the user-provided information and maps VMs to PMs by considering the availability of each key resource (CPU, RAM and network bandwidth) individually.

Fig 7: Comparison of the Percentage of VMs that violate their SLA

IX. CONCLUSION AND FUTURE WORK

We presented a novel algorithm that considers the user constraints of a VM along with the physical host load factor to address the problem of mapping VMs onto PMs such that the number of physical hosts used is minimized, and over-utilization and under-utilization of a host's resources can be identified and resolved, all without violating any SLA agreements. Since we consider this a multi-dimensional bin packing problem, we combined three different heuristics that consider the load factor of hosts along with user-provided information at the various stages of placing VMs on physical hosts. Based on our analysis we


T. Thiruvenkadam was born in Tiruchengode, Tamil Nadu (TN), India, in 1984. He received the Master of Science in Software Science [M.Sc(S.S)] degree from Periyar University (PU), Salem, TN, India, in 2006. He is currently pursuing the Ph.D. degree with the Department of Computer Science, Periyar University, Salem. His research interests include Virtualization, Cloud Computing and Distributed Computing.

2. Ibrahim Bayo Momodu

ABSTRACT
Due to the need for strong security for customer financial information in the banking sector, the sector has started introducing biometric fingerprint measures to provide security for banking systems and software. In this paper, we have carefully explained the methodology of using this technology in the banking sector for customer verification. The challenges and opportunities associated with this technology were also discussed.


Information technology has received a lot of advancement over the years, thus encouraging more improvement in information security measures. In order to improve security in many data-driven applications, authentication methods such as biometrics play important roles [1].

Security is the state of being secure; in other words, it is building protection against attacks. Since computers are the major tools used to process data and manipulate information in many sectors (e.g. the banking sector), there is a need for adequate security for these computers. Meanwhile, [2] defines computer security as the need to secure the physical location, hardware and computer software from outside threats. There exist multiple layers of computer security, namely physical security, personal security, operational security, communication security, network security and information security [2]. All these layers of computer security have received considerable research attention since the information age, and a lot of improvement has been recorded on them. Meanwhile, the layer of information or software security


still needs as much attention as the other layers. It is true that computer software is used to process data and verify customers' account details in the banking sector. These computers need robust software security, because any small compromise of a system such as the banking Automated Teller Machine (ATM) application can lead to the loss of large amounts of money, creating problems for the banks and their customers. Meanwhile, for a very long time the banking sector has been using the account number, account name and customer's signature for account verification and authentication. These methods of verifying and authenticating bank customers have made banking operations very easy for the elite but highly difficult for the non-elite, and they face many challenges in securing customers' data and money. This is true because people can easily copy someone's account number and forge his/her signature to commit fraud on that person's account. Also, many people who are not familiar with the concept of a PIN and account number are unlikely to memorize and recognize it [4]; this


is mainly applicable to non-educated customers. This has made many aged people, mainly the non-educated, avoid using banks for their transactions, even as we talk about a cashless society. The truth is that if we must attain a cashless society, everybody (both educated and non-educated) must make use of banking transactions; thus banking operations and methods must be made simple to access and use. In light of the above, the banking sector has been making more effort to introduce biometrics as a means of customer account verification and authentication. Recently the Central Bank of Nigeria made it mandatory for all bank customers to register their biometric information with their respective banks. However, these biometrics are not yet used as a means of account verification and authentication.

Meanwhile, biometrics is the utilization of physiological characteristics to differentiate an individual. It uses biological characteristics or behavioral features to recognize an individual, and it is a new way to verify authenticity [3]. The reason why biometrics is gaining more


attention in the banking sector is that, if used as a means of identification, it will enhance information security and encourage many customers (both educated and non-educated) to perform their transactions using banking services. However, there are challenges and opportunities associated with the use of the biometric fingerprint as a means of account verification and authentication. This paper therefore presents the most common challenges and opportunities associated with using the biometric fingerprint as a means of account verification and authentication in the banking sector. Similarly, the paper presents some of the solutions to these challenges, if biometric fingerprint account verification and authentication is to see the light of day.

BIOMETRIC FINGERPRINT
Biometric fingerprints are unique to every human. They are formed by the numerous ridges and valleys on the surface of the human finger. A fingerprint is the flow of ridge patterns on the tip of the finger. Among all biometric traits, the fingerprint has one of the highest levels of reliability [5]. In


the rapid growth of information security, fingerprints are widely used to secure information systems and are highly reliable. This has led many researchers to advocate the full use of this technology for securing information in different sectors. The fingerprint has many applications, such as banking security, ATM security, card transactions, physical access control, voting and the identification of criminals, as recorded by [6]. Similarly, [7] shows in his work how a fingerprint can be used to control examination screening. The possibility of using a fingerprint to perform verification and authentication is determined by the pattern of ridges and furrows as well as the minutiae points. It is also possible, and highly secure, to use fingerprints in an electronic voting system, as noted by [8].

METHODOLOGY
The banking sector manages a large amount of customer data; hence there is a need to uniquely identify a particular customer for optimal operation and for security purposes. This brought the idea of using the account number, signature,


and name, and possibly PINs, to identify the individual. However, because of changes in our society, banking applications need more security than the methods mentioned above; hence the need for a biometric verification system cannot be underestimated. The question is: how can we use the biometric fingerprint to secure customers' information in the banking sector? A fingerprint scanner will be used to collect a customer's fingerprint sample with the aid of a well-designed banking application, and the sample will be stored in the application database. The application will have an extended graphical user interface that adopts biometric fingerprint access control techniques. Whenever a customer needs his/her account details, he/she will place a finger on the scanner provided; the fingerprint image at that point will be captured and compared with the fingerprint images available in the system database to ascertain whether a match exists. If there is a match, the system will display the information corresponding to that fingerprint image, as seen in the
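The capture-compare-display flow described above can be sketched as follows. The `match_score` function and the 0.8 acceptance threshold are hypothetical stand-ins for a real fingerprint matcher (which would compare minutiae rather than raw values); the sketch only illustrates the lookup logic.

```python
# Illustrative sketch of the capture-compare-display flow described above.
# A real system would call a fingerprint SDK; match_score is a placeholder.

def match_score(sample, template):
    """Hypothetical similarity score in [0, 1]; a real matcher would
    compare minutiae points rather than test raw equality."""
    return 1.0 if sample == template else 0.0

MATCH_THRESHOLD = 0.8  # assumed acceptance threshold

def verify_customer(sample, database):
    """Compare a captured fingerprint sample against every enrolled
    template; return the matching account record, or None so the
    caller can display an error message."""
    for account, template in database.items():
        if match_score(sample, template) >= MATCH_THRESHOLD:
            return account          # display this customer's details
    return None                     # no match found in the database

db = {"ACCT-001": "template-alice", "ACCT-002": "template-bob"}
print(verify_customer("template-bob", db))   # prints ACCT-002
print(verify_customer("template-eve", db))   # prints None
```

Note that this is one-to-many identification (scanning the whole database); pairing the scan with an entered account number would reduce it to a one-to-one comparison and address the processing-cost challenges discussed below.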


database; otherwise an error message will be displayed to the system user.

CHALLENGES
There are many challenges in using the biometric fingerprint as a means of account verification and authentication in the banking sector.
Allowing Artificial Fingerprints: Many fingerprint systems find it very difficult to detect an artificial fingerprint, as noted by [3]. This is a serious challenge for using a biometric system in banking, as an artificial fingerprint can be used to trick the biometric application software and still grant access to the user. It is therefore a serious challenge for researchers to look for the best alternative supporting system for detecting artificial fingerprints.
Fingerprint Image Processing Resources: Fingerprint images require a large amount of computer resources before they can be successfully processed. When this technology is employed in a banking application without finding a solution to the large amount of computer resources needed to store


and process fingerprint images, the entire system will be

slow and the performance of the system will not beencouraging at all.Processing Fingerprint Images: Processing images acrossthe network is always time consuming thus the need formethods of comparing and processing fingerprint imageswithout actually using the complete image but some of theimage vital properties will help to improve the processingspeed of biometric images mainly when used in thebanking sectors where customers satisfaction and quickresponds is its watch words.Scanner

Software

Development

Kits:

Fingerprint

scanner has a kit that must be used during the

application development, when this kit does not agree withthe used technology during software development, there isalways a serious problem.Registration Process: Sometimes it may take many swipeof fingerprint to register [3]. Thus, there is need ofimproved methods of performing quick registration usingthis kind of system.
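The resource and processing-speed challenges above both point toward matching on compact feature templates (such as minutiae points) rather than on full scan images. The sketch below is a hypothetical illustration, not taken from any real fingerprint SDK: the template format, the distance tolerance, and the acceptance threshold are all illustrative assumptions.

```python
from math import hypot

# Hypothetical sketch: matching compact minutiae templates instead of
# full scans. A template is a list of (x, y, angle) tuples; the
# tolerance and threshold values are illustrative assumptions.

def match_score(a, b, tol=10.0):
    """Fraction of minutiae in `a` that have a close counterpart in `b`."""
    hits = sum(
        1 for (x1, y1, _) in a
        if any(hypot(x1 - x2, y1 - y2) <= tol for (x2, y2, _) in b)
    )
    return hits / len(a)

enrolled = [(100, 120, 30), (150, 200, 80), (60, 90, 10)]
probe    = [(102, 118, 32), (149, 203, 78), (300, 300, 0)]

print(match_score(probe, enrolled))         # 2 of 3 minutiae match -> ~0.67
print(match_score(probe, enrolled) >= 0.6)  # accept at a 60% threshold
```

A 500×500 8-bit scan occupies roughly 250 KB, while a few dozen (x, y, angle) minutiae fit in a few hundred bytes, which is why feature-level matching also eases both storage and network transfer.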

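One common way to ease the registration challenge above (many swipes per enrolment) is to fuse several captures of the same finger into one enrolled template, so no single noisy swipe has to be perfect. A minimal sketch, assuming each swipe yields a fixed-length feature vector; the fusion-by-averaging step and all numbers are illustrative assumptions, not a description of any particular scanner:

```python
# Hypothetical sketch of multi-swipe registration: several captures of
# the same finger are fused into one enrolled template by averaging
# their feature vectors.

def fuse_swipes(swipes):
    """Average several same-length feature vectors into one template."""
    n = len(swipes)
    return [sum(col) / n for col in zip(*swipes)]

swipes = [
    [10.0, 20.0, 30.0],
    [12.0, 18.0, 33.0],
    [11.0, 19.0, 30.0],
]
print(fuse_swipes(swipes))  # [11.0, 19.0, 31.0]
```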

Society Effect on Human Fingerprints: The performance of a fingerprint system for identification and authentication of customer records in the banking sector is highly affected by the surface of the individual's fingerprint. Some people do not have fingerprints, some have had their fingerprints affected by chemicals, and some have cuts on their fingers; all of these pose challenges to using fingerprints for account verification and validation.

OPPORTUNITIES

Security: Biometrics provide strong security to systems that need strong security and authentication. Awasthi and Ingolikar (2013) noted that biometrics provide more reliability than other traditional authentication components. Using biometrics for account verification and authentication will provide strong security to the system's operation.

Cashless Society: When biometrics are used for managing customer accounts, both educated and non-educated people will be encouraged to make use of bank services, since customers do not need to memorize an account number or produce a signature before accessing their account details; this will help to achieve a cashless society in Nigeria. With this, a large number of people will be involved in using banking services, even the old man in a remote village.

PIN-less Society: Using biometrics for account verification and authentication will eliminate the use of a PIN in accessing account details; when a PIN is stolen, the financial information of that customer is at serious risk.

Uniqueness of Fingerprints: A fingerprint is unique to each human; not even twins have the same fingerprints, making fingerprint technology credibly secure for account verification and authentication.

Reduction of Cash Theft: A biometric system will help to reduce, if not totally eliminate, cash theft, since the real account owner must be present before the account information can be accessed and transactions made on the account.

Convenience: Biometric systems are convenient in environments where access privileges are necessary. Biometric account verification will allow account owners to move around with their account details without carrying an additional electronic device. This convenience alone is a great opportunity of biometric systems.

Eliminating Password Administration Cost: The cost of administering and controlling passwords will be totally eliminated with a biometric system for account verification and authentication.
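The PIN-less flow described in the opportunities above can be sketched end to end: a captured template is matched against every enrolled record, and on a sufficiently strong match the customer's details are returned with no PIN involved. Everything here (the toy similarity measure, the 0.8 threshold, the record layout, and the extraction step implied by the probe vectors) is a hypothetical assumption, not a real banking or scanner API.

```python
# Hypothetical sketch of PIN-less account verification: the captured
# template is matched against enrolled templates and, on success, the
# matching customer's account details are returned instead of a PIN
# being requested.

SIMILARITY_THRESHOLD = 0.8  # illustrative acceptance threshold

def similarity(a, b):
    """Toy similarity: fraction of positions where feature codes agree."""
    return sum(x == y for x, y in zip(a, b)) / len(a)

def verify(probe, enrolled_accounts):
    """Return details for the best match above threshold, else None."""
    best = max(enrolled_accounts,
               key=lambda rec: similarity(probe, rec["template"]))
    if similarity(probe, best["template"]) >= SIMILARITY_THRESHOLD:
        return best["details"]
    return None  # caller shows an error message to the system user

enrolled_accounts = [
    {"template": [1, 4, 4, 2, 9], "details": "Acct 0001 - Ada"},
    {"template": [7, 7, 3, 1, 5], "details": "Acct 0002 - Bola"},
]

print(verify([1, 4, 4, 2, 8], enrolled_accounts))  # "Acct 0001 - Ada"
print(verify([9, 9, 9, 9, 9], enrolled_accounts))  # None -> error message
```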


CONCLUSION

Biometrics are gaining interest and attention in many fields of human endeavour as a means of providing strong security to the systems used in those fields. This is also applicable in today's banking sector, where people are agitating for the full implementation of biometrics as a means of account verification and authentication. This paper presents a short introduction to biometric techniques for securing systems, with emphasis on how they can be used to secure customer account information in the banking sector. The challenges and opportunities of using biometrics in banking applications were also discussed. The approach has challenges that are important to address, yet it offers opportunities that must not be underestimated. The information provided in this paper will help to guide the full implementation of biometric account verification systems in the Nigerian banking sector.


CALL FOR PAPERS

International Journal of Computer Science and Information Security
IJCSIS 2015
ISSN: 1947-5500
http://sites.google.com/site/ijcsis/

The International Journal of Computer Science and Information Security (IJCSIS) is a premier scholarly venue in the areas of computer science and security issues. IJCSIS 2015 will provide a high-profile, leading-edge platform for researchers and engineers alike to publish state-of-the-art research in the respective fields of information technology and communication security. The journal will feature a diverse mixture of publication articles, including core and applied computer science related topics.

Authors are solicited to contribute to the special issue by submitting articles that illustrate research results, projects, surveying works, and industrial experiences that describe significant advances in the following areas, but are not limited to them. Submissions may span a broad range of topics, e.g.:

Authors are invited to submit papers through e-mail ijcsiseditor@gmail.com. Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated by IJCSIS. Before submission, authors should carefully read over the journal's Author Guidelines, which are located at http://sites.google.com/site/ijcsis/authors-notes .